My wordpress website is using cloudfare and I desided to make my website from http:// -> https://
I installed Wordpress HTTPS and SSL Insecure Content Fixer plugins and changed URLs in Settings -> General (from http:// to https://)
This made my home page & admin area show "ERR_TOO_MANY_REDIRECTS". ALL other pages work great with the green https:// bar
I tried make things which I found on google: adding lines to wp-config.php or .htaccess But either it doesn't change anythin or it breaks other pages too.
Website is hosted on Ubuntu server.
P.S. Only if I replace https:// to http:// (through the mysql) I can access admin area and home page BUT they load without css styles.
Add this code to your wp-config.php (before $table_prefix = 'wp_'; line) and it will work.
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
define('FORCE_SSL_ADMIN', true);
The first block "tells" PHP that your website is already using https. (you need to tell it because it is not local apache https, but 3rd party out-server SSL). Second one forces wp-admin always use SSL.
Related
I installed the SSL certificate. I changed the WordPress URL and site URL to https in general setting. But the theme js file and CSS file still working on the Http. And it's showing me the mixed content error.
Most SSL issues are due to plugins/themes using the wrong code to load CSS/JS.
Under WordPress General Settings change the WordPress Address (URL) and the Site Address (URL) from HTTP to HTTPS. If you don't have access to your admin you can change this via your wp-config.php http://codex.wordpress.org/Editing_wp-config.php
Use the proper url paths for your themes and plugins: http://codex.wordpress.org/Determining_Plugin_and_Content_Directories for example hardcoding the WP_PLUGIN_URL will not work as opposed to plugin_dir_url. The functions are generally SSL friendly because they have time to check if the site is SSL enabled, the constants are not.
For the admin/login you can force SSL via the wp-config.php:
Login: define('FORCE_SSL_LOGIN', true);
Admin: define('FORCE_SSL_ADMIN', true);
Of course any hardcoded assets will be a problem or plugins/themes that incorrectly load assets.
You can also update your themes and plugins via SSL if your server has libssh2 , you can also define the port# and Auth keys. If this is enabled you do not have to define anything it will just magically show up in the admin settings.
I found the issue. static URL defined in the header file.
Thanks
I don't know how the visual editor broke, it has just disappeared.
users >> Profile >> Visual Editor check box - it's ok
I don't have permissions for editing wp-config.php, for add code define('CONCATENATE_SCRIPTS', false );
I removed all plugins
I have permission for editing files into /themes and admin panel.
Can you help me to fix this problem?
Inspect element shows:
Mixed Content: The page at 'example.com/blog/wp-admin/post-new.php'; was loaded over HTTPS, but requested an insecure stylesheet 'fonts.googleapis.com/css?family=Raleway:700,800,500,300,400';. This request has been blocked; the content must be served over HTTPS
You're probably using wordpress with incorrect SSL configuration
Possible solutions are:
Make sure that the settings > site url & blog url both have SSL version
Install SSL Insecure content WordPress plugin and configure it properly
Install cloudflare WordPress plugin and configure it too if you're using cloudflare
Hire a professional (I can fix this too for your site if you're interested)
I'm trying to force HTTPS on a wordpress site, but my styles and scripts don't loading.
When I display page source code with Chrome I can see styles and scripts use HTTP to loading, I don't understand why.
I set HTTPS in wordpress general/settings for website URL and for wordpress URL. It's a fresh wordpress install with a default theme.
I tried to add this in wp-config.php
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';
It works but when I want to login to https://www.mywebsite.com/wp-admin, wordpress display me this message:
"Sorry you are not allowed to access this page"
Any idea?
Have you done a replace on the database which replaces all old http urls to https? You use a seperate tool for this. Place the directory in the folder where you have your wp-config.php and it should connect automaticly to your database. Make a backup beforehand;
https://interconnectit.com/products/search-and-replace-for-wordpress-databases/
I coned a wordpress site which had https:// and SSL to another domain.
This domain has no SSL.
The site works okay except the /wp-admin login says page not found. Tired changing SITE URL back to http:// in wp-config and functions.php but now even on http:// it says page not found. Any ideas?
In your database check the table options, There are two options calld siteurl and home, update these to the new URL.
If that is fixed, check your .htaccess. This could contain rewrite rules and redirects regarding wp-admin.
In the config.php set the following to false:
define('FORCE_SSL_ADMIN', false);
There might be other causes, but the ones I've listed above are quite common.
A Magento site I been asked to look into lately has recently been redirecting all traffic to HTTPS. When a link on the page points to HTTP with SEO URL's, Magento is return a HTTPS page with catalog URL's instead.
I am not sure if anyones been in and changed the SSL settings, is there anything I can check or change to return it back to normal. How do I specify what areas of the site is HTTPS?
Thank you very much for any help.
i) Check Base Url in the admin console.
Admin --> System --> Configuration --> Web --> UnSecure --> BAse Url & Base Link Url
if its in https change that to http.
ii) Check your htaccess. If you are not sure whats changed. Take a back up of you htaccess and create a new htaccess. Copy htaccess.sample in your magento root folder and change the name to .htaccess
Before these two steps make sure that you have the right configuration in your ssl.conf