We have an old wordpress site hosted on an AWS EC2 linux server that I am trying to put behind a load balancer so I can use HTTPS and WAF. I am a somewhat experienced sysadmin but am very new to wordpress. I am having trouble getting the content to load over HTTPS while at the same time not getting into a redirect loop between the load balancer and the server.
I have the load balancer setup to talk to the server on port 80 and if WP_SITEURL/WP_HOME is set to http://, I get a bunch of mixed content errors in the chrome dev console because it is trying to load scripts and css over http. If I change WP_SITEURL/WP_HOME to https://, it creates a redirect loop because wordpress keeps trying to redirect the load balancer, which is trying to communicate on port 80, to https.
Is there a way to allow the load balancer to reach the server on port 80 while still having the base URL for resources, scripts, etc, be https?
When WordPress is behind https proxy (your load balancer) it doesn’t know that https is enabled. Proxy is working through https (443 port) but communication between proxy and WordPress is through http (80 port). For WordPress traffic is through http, that’s why you get redirect loop from https to http (by WordPress) and again from http to https (by proxy). You need to force WordPress to start working on https.
Paste this line into your wp-config.php
$_SERVER['HTTPS'] = 'on';
Sometimes proxies sent additional header HTTP_X_FORWARDED_PROTO to WordPress to let know that original traffic is on https. You can use it to be a little more flexible
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
$_SERVER['HTTPS'] = 'on';
}
Change WP_SITEURL and WP_HOME to use https. And replace all links in the database to https.
Reference:
https://developer.wordpress.org/reference/functions/is_ssl/
