[wp-trac] [WordPress Trac] #49970: Wrong is_ssl() result
WordPress Trac
noreply at wordpress.org
Tue Apr 21 14:37:15 UTC 2020
#49970: Wrong is_ssl() result
--------------------------+------------------------
Reporter: duxabilii | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 5.4
Severity: normal | Resolution: duplicate
Keywords: | Focuses:
--------------------------+------------------------
Changes (by SergeyBiryukov):
* keywords: has-patch 2nd-opinion =>
* resolution: => duplicate
* status: new => closed
* component: General => Security
* milestone: Awaiting Review =>
Comment:
Hi there, welcome to WordPress Trac!
Thanks for the report, we're already tracking this issue in #31288.
This is something that comes up often, but is not something that can be
fixed due to the nature of handling client-provided headers, which is
what's needed to address the issue. See comment:17:ticket:31288 for more
info.
The long and short of it is that this is a server-level configuration
issue with reverse proxy web servers. It's not a WordPress issue, and it's
not limited to WordPress. There's no need to modify the `is_ssl()`
function. You just need to add something along the lines of the following
to your `wp-config.php` file:
{{{
$_SERVER['HTTPS'] = 1;
}}}
Any proxy configuration is "supported" by WordPress, you just need to
remap the `$_SERVER['HTTPS']` server variable based the particular proxy
configuration you're using.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49970#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list