wordpresssslnginxreverse-proxy
WordPress Docker over NGINX SSL reverse proxy doesn't work as expected
When I use NGINX to create a reverse proxy for a WordPress Docker container, WordPress specifies WordPress Address (URL) and Site Address (URL) to be https://hiddenurl.com:443. So all my links contain the port 443, and if I delete this port, the website is no longer accessible due to an infinite redirect loop.
I have entered in the wp-config.php that SSL should be activated via $_SERVER['HTTPS'] = 'on';.
NGINX Config:
location ~ /(?<wppath>.*) {
rewrite ^/(.*) /$1 break;
client_max_body_size 100M;
proxy_pass http://127.0.0.1:7676/$wppath$is_args$args;
proxy_http_version 1.1;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-forwarded protocol https;
proxy_set_header upgrade $http_upgrade;
proxy_set_header Connection "upgrade
}
This causes the domain hiddenurl.com to work, but hiddenurl.com/about does redirect to 127.0.0.1/about.
The redirect seems to come from WordPress:
Solution
I solved it by using this as an nginx config:
location / {
proxy_pass http://127.0.0.1:7676;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
}
And append this to the top of wp-config.php
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
$_SERVER['HTTPS'] = '1';
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}