Wordpress Bug With Redis Cache + HTTPS on WordPress Homepage

eva2000 · Oct 26, 2016

oh thinking about it maybe not needed to use nginx level 302 http to https redirect if you just switch from flexible to full ssl at Cloudflare, then it will just connect to your https self-signed ssl cert version of site. But that means whatever custom settings in domain.com.conf need to be replicated in domain.com.ssl.conf for self-signed ssl

You'd essentially be working with the domain.com.ssl.conf if you use cloudflare full ssl

eva2000 · Oct 26, 2016

sorry i mean switch from flexible to full cloudflare ssl not strict heh

Full SSL: secure connection between your visitor and CloudFlare, and secure connection (but not authenticated) between CloudFlare and your web server. You will need to have your server configured to answer HTTPS connections, with a self-signed certificate at least. The authenticity of the certificate is not verified: from CloudFlare’s point of view (when we connect to your origin webserver), it’s the equivalent of bypassing this error message. But as long as the address of your origin webserver is correct in your DNS settings, you know that we’re connecting to your webserver, and not someone else’s.
Click to expand...

bruno · Oct 26, 2016

tried that but now its saying it redirected too many times..

very weird

any idea what to try next?

eva2000 · Oct 26, 2016

what have you set in both domain.com.conf and domain.com.ssl.conf now ?

page rules set ?

eva2000 · Oct 26, 2016

according to HTTP Header Check with an online CURL tool test of your domain over https and full download checkbox seems numerous 302 redirects so remove that nginx level http to https return 302 server context {} and see

bruno · Oct 26, 2016

thanks for the tip re that http header checker, @eva2000

there is no test.vincentius.com.conf.ssl because i didnt create a self-signed ssl cert in the #22 setup

here is test.vincentius.com.conf:

Code:

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html

# redirect from non-www to www
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301
#server {
#            listen   80;
#            server_name test.vincentius.com;
#            return 301 $scheme://www.test.vincentius.com$request_uri;
#       }

server {

  server_name test.vincentius.com www.test.vincentius.com;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  #add_header X-Frame-Options SAMEORIGIN;
  #add_header X-Xss-Protection "1; mode=block" always;
  #add_header X-Content-Type-Options "nosniff" always;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/test.vincentius.com/log/access.log main_ext buffer=256k flush=60m;
  error_log /home/nginx/domains/test.vincentius.com/log/error.log;

  include /usr/local/nginx/conf/autoprotect/test.vincentius.com/autoprotect-test.vincentius.com.conf;
  root /home/nginx/domains/test.vincentius.com/public;
  # uncomment cloudflare.conf include if using cloudflare for
  # server and/or vhost site
  #include /usr/local/nginx/conf/cloudflare.conf;
  include /usr/local/nginx/conf/503include-main.conf;

  #include /usr/local/nginx/conf/wpincludes/test.vincentius.com/wpcacheenabler_test.vincentius.com.conf;
  include /usr/local/nginx/conf/wpincludes/test.vincentius.com/wpsupercache_test.vincentius.com.conf;
  # https://community.centminmod.com/posts/18828/
  #include /usr/local/nginx/conf/wpincludes/test.vincentius.com/rediscache_test.vincentius.com.conf;

  location / {
  include /usr/local/nginx/conf/503include-only.conf;


  # Enables directory listings when index file not found
  #autoindex  on;

  # for wordpress super cache plugin
  try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;

  # for wp cache enabler plugin
  #try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;

  # Wordpress Permalinks
  #try_files $uri $uri/ /index.php?q=$uri&$args;

  # Nginx level redis Wordpress
  # https://community.centminmod.com/posts/18828/
  #try_files $uri $uri/ /index.php?$args;

  }

location ~* /(wp-login\.php) {
    limit_req zone=xwplogin burst=1 nodelay;
    #limit_conn xwpconlimit 30;
    auth_basic "Private";
    auth_basic_user_file /home/nginx/domains/test.vincentius.com/htpasswd_wplogin;
    include /usr/local/nginx/conf/php-wpsc.conf;
    # https://community.centminmod.com/posts/18828/
    #include /usr/local/nginx/conf/php-rediscache.conf;
}

location ~* /(xmlrpc\.php) {
    limit_req zone=xwprpc burst=45 nodelay;
    #limit_conn xwpconlimit 30;
    include /usr/local/nginx/conf/php-wpsc.conf;
    # https://community.centminmod.com/posts/18828/
    #include /usr/local/nginx/conf/php-rediscache.conf;
}

  include /usr/local/nginx/conf/wpincludes/test.vincentius.com/wpsecure_test.vincentius.com.conf;
  include /usr/local/nginx/conf/php-wpsc.conf;
  # https://community.centminmod.com/posts/18828/
  #include /usr/local/nginx/conf/php-rediscache.conf;
  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}

eva2000 · Oct 26, 2016

oh if you don't have a domain.com.ssl.conf version then you can't use cloudflare full ssl and need to use flexible ssl

seems without nginx 302 http to https, you go back to original problem of http access doesn't redirect to https

eva2000 · Oct 26, 2016

guess you originally followed How do I fix the infinite redirect loop error after enabling Flexible SSL with WordPress? – Cloudflare Support ?

should be okay but redis /wp super cache not working with it which is strange

bruno · Oct 26, 2016

yes i originally followed that guide. had to re-enable the plugin with wp-cli because despite adding those lines to wp-config.php it was causing a redirect loop.

so what would you recommend now? start #22 again with self-signed cert?

thanks again

eva2000 · Oct 26, 2016

maybe contact cloudflare support and see if they come across any issues like this where wordpress redis nginx level cache or wp super cache causing http not to redirect to https. They can look over your page rules to make sure they're correct

bruno · Oct 26, 2016

funny thing is that even if i disable the plugins, the problem persists

eva2000 · Oct 26, 2016

could be issue at cloudflare end

bruno · Oct 27, 2016

hey @eva2000 so i've looked into this a bit more. it seems to be nothing to do with rediscache, and more about the wordpress plugins. think i found a workaround, but not sure of the cause of the problem..

here's what i did

1) setup new beta09 install (one-liner) on google cloud instance
2) install wordpress with #22 at test.vincentius.com
3) logged in to wp-admin, ran search and replace from test.vincentius.com – Just another WordPress site to test.vincentius.com – Just another WordPress site
4) viewed test.vincentius.com on incognito browser

here i was encountering the issue of the first page being http, and the others being https..

the "fix" that i found was to disable and re-enable all plugins (in this setup i was using cache enabler plugin). don't know why this worked but it did.

PS dont know if this is useful, but i am using cloudflare, two page rules:

eva2000 · Oct 27, 2016

very strange indeed

what if you don't do the search and replace step as it shouldn't be needed on fresh wordpress install if you set it to default to https

there's a change you could do an incorrect replacement ?

i.e.

test.domain.com

becoming

http://https://testdomain.com

?

bruno · Oct 27, 2016

hmm highly unlikely that i'm doing https://https://test.vincentius.com but i will try without the search and replace step! will report back.

bruno · Oct 28, 2016

have set up fresh install:

1) setup new beta09 install (one-liner) on google cloud instance
2) install wordpress with #22 at test.vincentius.com, with self-signed cert
3) set up page rules described in previous post (full ssl and force https)
4) viewed test.vincentius.com on incognito browser

issue: does not have ssl unless you manually type https:// beforehand

attempted workaround steps:

1) deactivate caching plugin

issue persisted

any ideas?

eva2000 · Oct 28, 2016

bruno said: ↑

have set up fresh install:

1) setup new beta09 install (one-liner) on google cloud instance
2) install wordpress with #22 at test.vincentius.com, with self-signed cert
3) set up page rules described in previous post (full ssl and force https)
4) viewed test.vincentius.com on incognito browser

issue: does not have ssl unless you manually type https:// beforehand

attempted workaround steps:

1) deactivate caching plugin

issue persisted

any ideas?
Click to expand...

what's output for these commands changing /home/nginx/domains/domain.com/public/ to the path to where you installed wordpress i.e. if domain.com/blog then it would be /home/nginx/domains/domain.com/public/blog
Code (Text):
cd /home/nginx/domains/domain.com/public/
wp option get siteurl --allow-root
wp option get home --allow-root
if it's http and not https urls, just force https via wp-config.php at The Definitive Guide to WordPress SSL Security
Code (Text):
define('FORCE_SSL_LOGIN', true);
define('FORCE_SSL_ADMIN', true);

bruno · Oct 28, 2016

result of
wp option get siteurl --allow-root
wp option get home --allow-root

was the http version.

added the force ssl code to wp-config, but problem remains. tried to manually chane siteurl and home via the wp-admin settings->general option, but still no joy.

bruno · Oct 28, 2016

ahhh fixed it!

added your suggested 302 redirect from before. i am guessing it didnt work before because i had flexible ssl enabled, and now its full ssl.

added this code to /usr/local/nginx/conf/conf.d/test.vincentius.com.conf
Code:
return 302 https://test.vincentius.com$request_uri;
so it now looks like:
Code:
server {

  server_name test.vincentius.com www.test.vincentius.com;
return 302 https://test.vincentius.com$request_uri;

eva2000 · Oct 29, 2016

excellent all the pieces together

Log in / Register

Forums

Join the community today

Wordpress Bug With Redis Cache + HTTPS on WordPress Homepage

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

bruno Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

Wordpress Bug With Redis Cache + HTTPS on WordPress Homepage

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

bruno Member

eva2000 Administrator Staff Member

bruno Member

bruno Member

eva2000 Administrator Staff Member

.