By brianjacildo
I have a somewhat working configuration going on. The idea is to use one of my Ubuntu 16.04 instances as a load balancer with nginx to redirect traffic to the WordPress instance I have with a Let’sEncrypt SSL cert. I believe the nginx config below is working, I can see the address bar changes to https://www.domain.io.
The problem is that the page resources are still being requested over http which logs an error on the browser console: Mixed Content: The page at 'https://www.domain.io/' was loaded over HTTPS, but requested an insecure script....
Another problem is that if I set the WordPress values of WP_HOME and WP_SITEURL to https://www.domain.io, accessing the admin panel on /wp-admin causes a 307 Internal Redirect to http://www.domain.io which creates a non-stop loop.
How do I go about making sure Wordpress is set to request everything in https?
Below is my nginx block, running nginx -t shows no error. Is there something I’m missing?
server {
listen 80;
server_name domain.io www.domain.io;
return 301 https://www.domain.io$request_uri;
}
server {
listen 443;
server_name domain.io;
# ...
# SSL stuff removed for brevity
# ...
return 301 https://www.domain.io$request_uri;
}
server {
listen 443 ssl;
server_name domain.io www.domain.io;
# ...
# SSL stuff removed for brevity
# ...
location / {
proxy_pass http://<Private IP of Wordpress Instance>;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Change this:
server {
listen 443 ssl;
server_name domain.io www.domain.io;
to this:
server {
listen 443 ssl;
server_name www.domain.io;
I actually found a fix, forgot to post it here when I figured it out. Hope this helps anyone in the future.
I had to revert the settings I commented out in the location block and remove the extra settings I added:
location / {
proxy_pass http://<Private IP of Wordpress Instance>;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
Then in /var/www/html/wp-config.php, I added the following lines.
define('WP_HOME', 'https://www.domain.io');
define('WP_SITEURL', 'https://www.domain.io');
define('FORCE_SSL', true);
define('FORCE_SSL_ADMIN',true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS']='on';
I am not to familiar with the One-Click installs, but if you do have shell access. Install WP-CLI (http://wp-cli.org/), SSH to your server and directory root, and issue the command wp search-replace 'http:' 'https:'
Next wp flush cache
Sometimes it helps to cycle the permalinks in Settings > Permalinks from one setting to another and back again.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.