[wp-trac] Re: [WordPress Trac] #5450: infinite redirect

WordPress Trac wp-trac at lists.automattic.com
Fri Dec 14 11:05:39 GMT 2007 

#5450: infinite redirect
---------------------+------------------------------------------------------
 Reporter:  trenta   |        Owner:  anonymous
     Type:  defect   |       Status:  closed   
 Priority:  high     |    Milestone:           
Component:  General  |      Version:  2.3.1    
 Severity:  normal   |   Resolution:  invalid  
 Keywords:           |  
---------------------+------------------------------------------------------
Changes (by JeremyVisser):

  * status:  new => closed
  * resolution:  => invalid
  * milestone:  2.5 =>

Comment:

 Replying to [ticket:5450 trenta]:
 > I would imagine that this infinite redirect problem occurs when you
 access a host that wordpress is not configured for, so it redirects you to
 the one that it is configured for, correct?

 Correct.

 > If so, it should be disabled by default.  Seeing that wordpress has had
 a long line of security vulnerabilities, I have mine running inside of a
 VM.  That VM is accessed through a proxy, by the host name of "wordpress".
 So, I would imagine that the redirect is occuring because it thinks that
 "wordpress" does not match my host, and therefore it should redirect to
 the one that I have configured.
 >
 > ''[snipped]'' it is forcing the user into something they may not want.

 It is not "forcing the user into something they may not want". It is
 redirecting the user to what was set in the "WordPress URL" and "Blog URL"
 ({{{WP_SITEURL}}} and {{{WP_HOME}}}, respectively, in {{{wp-config.php}}})
 property. If you want to access WP via a different hostname, then change
 the {{{WP_SITEURL}}} and {{{WP_HOME}}} options.

 You can have these set dynamically by adding the following in {{{wp-
 config.php}}}:

 {{{
 define ('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/wherever-wp-is-
 installed');
 define ('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/wherever-wp-
 is-installed');
 }}}

 '''Only''' use the above code in development, '''not''' in production, as
 it exposes your dev server to "Host:" header injection.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5450#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list