(gs):WordPress SSL Redirect Loop

This page was last modified on December 1, 2011, at 16:23.

The (mt) Community Wiki is a collaborative project. Any (mt) Media Temple customer or employee may contribute. Not all articles and/or content have been tested for accuracy by (mt) Media Temple.

For officially moderated and tested articles, be sure to visit our KnowledgeBase.

From (mt) Community Wiki

1 Overview
2 Requirements
3 Solutions
- 3.1 Method One
- 3.2 Method Two
4 Notes/Supplemental

Overview

On occasion, adding an SSL to a WordPress site on the (gs) Grid-Service will cause the site to do an endless redirect to a different site. This might look like the WordPress Redirect Exploit, but it is not. The usual symptom of this is when you go the https: portion of the site and it redirects you somewhere else.

Requirements

You will need to have SSH enabled for your (gs). For more information, please read: Connecting via SSH to your server.
Your access domain.

Solutions

There are two methods provided in this article. Method 1 will adjust index.php to rewrite HTTP_HOST container to SERVER_NAME. Method 2 replaces all instances of HTTP_HOST with SERVER_NAME. Method 1 is the safest method and will work on all versions of PHP that are greater than 5.

Method One

1. Launch your favorite SFTP or FTP program.
2. Connect to your account.
3. Navigate to your WordPress root.
3. Replace the contents of index.php with:

<?php
$_SERVER['HTTP_HOST'] = $_SERVER['SERVER_NAME'];
define('WP_USE_THEMES', true);
require('./wp-blog-header.php');

Make sure to omit the ?> (it's not required but PHP runs faster without the closing tag on complete PHP pages.

Method Two

1. Launch your Terminal (Mac or Linux) or PuTTY (Windows) program.
2. Connect via SSH, using this command:


ssh serveradmin%example.com@s00000.gridserver.com

3. If you see "Are you sure you want to continue connecting (yes/no)?", then type in "yes" (without the quotes).

4. You'll be prompted for your password, type in your SSH password.

5. At the prompt, type in:


find /home/00000/domains/domain_name/html/ -type f -exec sed -i 's/HTTP_HOST/SERVER_NAME/g' {} \;

6. Once this has executed and the prompt re-appears, type:

exit

7. Done. Close your SSH application.

This should take care of the issue. While there are other solutions that can address this, such as a plugin that disables canonical URLs, http://txfx.net/files/wordpress/disable-canonical-redirects.phps, it was noted that it disabled WordPress' ability to redirect from things like www. and trailing slashes (not to mention a whole host of other useful things, http://markjaquith.wordpress.com/2007/09/25/wordpress-23-canonical-urls/).

Notes/Supplemental

Retrieved from "http://wiki.mediatemple.net/w/(gs):WordPress_SSL_Redirect_Loop"

Categories: (gs) | SSL | Certificate | WordPress

(mt) Media Temple, Inc. - Web Hosting Built to Scale.

Community Wiki