Reverse Proxy Issue - wordpress

the issue is our reverse proxy. When a user is logged in, the reverse proxy will send requests to the root path to the application rather than the marketing site. When a user is not logged in, requests to the root path are sent to the marketing site.
In the logged-in case, the request is never received by WordPress (it gets proxied to the application) so it never hits the redirect rules.
Marketing site: www.website.com/
App: www.website.com/app
CASES:
When logged out: Searching blog is working and the redirection rule (search page redirects to www.website.com/blog/search/a) is working
When logged in on the app: Searching blog redirects to accounts www.website.com/app root path instead of redirecting to this path www.website.com/blog/search/a (WordPress search redirect not working)
Where should I start fixing it?

Related

Firebase hosting redirect http to https in custom domain

I hosted a website in firebase hosting and connected a custom domain, the domain is connected properly as you can see in the screenshot.
firebase hosting screenshot
The problem is if someone for the first time in their browsing session writes http://plucreo.com it does not get redirect to https://plucreo.com and the connection gets timed out. This does not happen with the default domain http://plucreo.web.app it redirects to https:// one correctly.
But, if you manually type https://plucreo.com in address bar, for the current browsing session http://plucreo.com starts correctly redirecting to https:// one.
How to fix this redirecting issue?

asp.net website, authentication when url is with www and without www

I have website built with ASP.NET MVC. The website has SSL so I have a redirection from any call to https.
However, when a user is loging in, I can have two tabs, one with the website open using www and the other is not using www: https://example.com and https://www.example.com.
If a user is logged in using one form of url I would expect the browser to notice that the user is logged in even if the other tab uses the other form of url. But this is not the case. The browser (Chrome on Windows) does not recognizes that the user is logged in.
How can I handle that so the user will appear logged in using any form of url?
You should setup a 301 redirect from www.example to example or example to www.example so your users only use the application from a single domain. Many websites (Facebook, Reddit, and StackOverflow to name a few) use a 301 redirect from www.domain.com to domain.com.

Showing wrong password while redirect site from http to https

I have migrated the site from HTTP to HTTPS in IIS8.5 using URL redirect module. But while redirect the front end site to https showing wrong password dialog box though providing correct credentials. I could see that cookies are not storing while the site is redirecting.
What should be done so that cookies can be stored as well?

Azure App Service won't serve via HTTP

I have an ASP.net MVC app running on Azure App Service ... I've searched for the answer, but have not found it ... my app seems to always force HTTPS redirect, no matter what. All the docs say it should serve content via HTTP by default, but it does not. Most everyone has the opposite problem of needing to redirect HTTP to HTTPS.
I need Azure App Service to do the following:
1) Serve static Default.htm page via HTTP, without redirecting to HTTPS
My app has a custom domain and no SSL for the custom domain. I want the URL http://example.com/Default.htm to serve the static page, not redirect to HTTPS to serve the static page. I will use azurewebsites domain when I want users to be in HTTPS. I want to use my custom domain name to serve a static home page for users arriving at my site.
As far as I can determine, I do not have any app extensions installed (such s https redirect extension), or anything in web.config to force https, or any RequireHTTPS attributes ... can anyone explain why plain old regular boring HTTP doesn't work here?
Thanks

Same cookie to 2 domain drupal which is One site

I have a Drupal 6.22 webpage. And I have a .de and a .at top level domain. Now the .at domain is an alias of .de. And I want:
I want to use the .at and the .de domain separately, exactly when anybody open my .at/indexp.php, not drop trough the .de domain.
I want to monitoring the incoming users.
So I want to hosting 2 site from 1 server, and I want to have a same login cookie, so anybody log in at .at, and navigating to .de, he keep logged in.
I know, the 2 page with same cantainment is killing the SEO, so thats a new more question.
I tried to solve the "Same Cookie" problem width $cookie_domain, but i can't. As I read, it's just working with 2 different server's 2 different sites.
Without some coding to authenticate the user between both sites, you can't do this.
Technically, browser won't send the cookies to other domains.
If the $cookie_domain is example.com, then www.example.com, extras.example.com will not get the cookies of example.com.
If it's .example.com, all example.com and its sub domains will get the cookies from browser. (note the leading dot before example.com)
You can't send example.com's cookies from another domain. That's why you are seeing you get redirected to Youtube and back to google when you login at a google domain.
You can point both domains to the same domain and it will work without a problem. But users will have to login twice in both sites.
Alternately you can send the user to the other site right after they login.
For an example, when user logs in at example.com, when the login is successful, send the user to the other domain immediately and the other site (example.net for instance) can do the same authentication and send user back to the origin site.
I don't know any module that does this though.

Resources