[wp-trac] [WordPress Trac] #38273: HTTPS install is broken
WordPress Trac
noreply at wordpress.org
Sun Oct 9 22:18:17 UTC 2016
#38273: HTTPS install is broken
-----------------------------+-----------------------------
Reporter: yohgaki | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version: 4.6.1
Severity: normal | Keywords:
Focuses: |
-----------------------------+-----------------------------
HTTPS install results in no admin access.
== ENV ==
OS: CentOS7 (Both reverse proxy and apache server)
Nginx: 1.10.1 (Default package)
Apache: 2.4.6 (Default package)
PHP: 7.1RC3 (remi-php71 repository)
== STEP ==
1. Set up web system so that only HTTPS is used. All HTTP traffic is
redirected to HTTPS by nginx reverse proxy, backend web server is apache
that only waits HTTP.
("{{{ add_header Content-Security-Policy upgrade-insecure-requests; }}}"
is needed for nice installation page, but this is minor issue)
2. Add {{{ $_SERVER['HTTPS']='on'; }}} to wp-config.php to avoid redirect
loop.
3. Install new wordpress to the server.
4. Login with the new account created.
5. Login succeeds, but the account does not have any admin page
permission.
Since the first admin account cannot do anything, system is completely
unusable.
=== NOTES ===
Install with HTTP then switching to HTTPS results in the same. i.e. Change
site url config to https:// from http://.
This could be 7.1 bug. I don't see any PHP errors in log.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38273>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list