I have a fresh WordPress installation that works fine. I decide to make it work under HTTPS so I go in the General config and change the “WordPress Address” and the “Site Adress” from http://my.website.com/blog/ to https://my.website.com/blog/.
First, this create a redirection loop so I have to add the following lines to my wp_config.php:
/** SSL */
define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
There, I’m able to see the blog in HTTPS as well as the login page. Once I try to login though, I get the following error: Sorry, you are not allowed to access this page.
Impossible to access to the admin interface in HTTPS.
If I reverse the URLs (via phpMyAdmin) and remove the lines from my wp_config.php file, I can login properly. Any idea what is wrong with my installation? Is it the fact that the blog is under /blog/?
Thanks for your help!
4 s
Just a quick note, the code
define('FORCE_SSL_ADMIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS']='on';
need to be at the top of the config file just after the <php or it will not work.
