Solved

Force https on Wordpress page

Posted on 2014-03-11
23
531 Views
Last Modified: 2014-03-12
Hi there.  I have a wordpress site but want to force a page to go over https.  I found a script that I placed inside my functions.php page but it breaks the page.  The script is:

$using_ssl = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || $_SERVER['SERVER_PORT'] == 443;
add_action('wp', 'check_ssl');
function check_ssl()
{
// Page ID 153 must be https
if (is_page(153) && !$using_ssl)
{
header('HTTP/1.1 301 Moved Permanently');
header('Location: https://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}
// All other pages must not be https
else if (!is_page(153) && $using_ssl)
{
header('Location: http://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}
}

Open in new window


... page id is 153 on my site that I need over https.  Any ideas experts?
0
Comment
Question by:COwebmaster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 9
  • 4
23 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39922767
Can you output the contents of $using_ssl? I suspect that's your problem.
$using_ssl = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || $_SERVER['SERVER_PORT'] == 443;
echo '<pre>';
print_r($using_ssl);
echo '</pre>';

Open in new window

HTH,
Dan
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39923341
Those compound statements are always confusing.  I think I might want to deconstruct the SSL test online 1 into something like this.

$using_ssl = FALSE;
if ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ) $using_ssl = TRUE;
if ( $_SERVER['SERVER_PORT'] == 443 )                        $using_ssl = TRUE;

Open in new window

You might also want to put the variable definition inside the function, to encapsulate it, so it does not interfere with other code.
0
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 250 total points
ID: 39923359
I think I might try it like this.  If it's not page 153, don't mess with it.

add_action('wp', 'check_ssl');
function check_ssl()
{
    // ARE WE USING SSL?
    $using_ssl = FALSE;
    if ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ) $using_ssl = TRUE;
    if ( $_SERVER['SERVER_PORT'] == 443 )                        $using_ssl = TRUE;

    // Page ID 153 must be https
    if (is_page(153) && !$using_ssl)
    {
        header('HTTP/1.1 301 Moved Permanently');
        header('Location: https://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
        exit;
    }
    // All other pages MUST NOT BE INTERFERED WITH
}

Open in new window

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39923373
Ray, what happens when you navigate away from the page with id 153? Won't Wordpress still use https?

I think that was the reason for the else clause (All other pages must not be https)

Dan
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39923421
Good question, Dan.  I'm not sure what would happen; I guess it would depend on whether there are fully-qualified links or relative links.  And I'm not sure I would try to put just one page behind HTTPS, especially not in a design like WP.  The trend among web sites seems to go all HTTPS today.
0
 

Author Comment

by:COwebmaster
ID: 39923699
Ray, is that trend because of the changes in the search engines?
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39923736
I can't really say about the search engines.  I know that spying, government and otherwise, is a great concern to web publishers and encrypted communications reduces the risk of accidental loss of data.  The HTTPS pages get different treatment from web browsers (shown with visual cues like pictures of locks, etc.) and this may reassure clients that the pages are safe(r) to use than HTTP pages.
0
 

Author Comment

by:COwebmaster
ID: 39924495
Ray, I just tried that and it did not force the page to go over https.

The reason I am doing that is because the page is collecting cc information and I want to force the user to use ssl on that page only.

Any other ideas?
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39924512
Are you sure you've configured your server correctly for https? Certificate imported correctly and all?

Cause it fails 99% because $using_ssl = FALSE, which means your server does not support HTTPS.

Dan
0
 

Author Comment

by:COwebmaster
ID: 39924538
it's godaddy hosting the the cert is installed correctly.
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39924552
Call me stubborn, but I still want to see the value of  $using_ssl.
Just print that variable's value before calling the redirect:
print_r($using_ssl);

Then, if the value printed is false, you know the problem is with the server.
If no value is printed, then you know that function is never called, so the problem is within WP.
0
 

Author Comment

by:COwebmaster
ID: 39924561
where in the functions.php page do I call that and do I use that with Ray's code above?
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39924575
You can use Ray's code and add, on line 8:
print_r($using_ssl);

After that you should get a blank page with TRUE OR FALSE at the top and a "Headers already sent" error below.
0
 

Author Comment

by:COwebmaster
ID: 39924598
okay, I see this:

1
Warning: Cannot modify header information - headers already sent by (output started at /home/account/public_html/wp-content/themes/sentinel/functions.php:595) in /home/account/public_html/wp-includes/pluggable.php on line 896
0
 

Author Comment

by:COwebmaster
ID: 39924605
Okay, I think I see it working now.
0
 

Author Comment

by:COwebmaster
ID: 39924611
although if I go to other pages over https, they do not automatically redirect to http

What should I adjust in Ray's code so that it does that?
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39924620
OK, progress. $using_ssl is 1 (true) and Ray's function is called.
Delete the print_r from line 8.

Now insert the
print_r($using_ssl);
line after between lines 11 and 12.

Expected output: the same as before.
If you see an error, that means the code gets to the header part and we have to find the error there.

If you do not see an error, the problem is in the condition if (is_page(153) && !$using_ssl)
0
 
LVL 35

Assisted Solution

by:Dan Craciun
Dan Craciun earned 250 total points
ID: 39924627
If you want to redirect all other https to http, insert this before line 17 (the closing })

else if (!is_page(153) && $using_ssl)
{
header('Location: http://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}

Open in new window

0
 

Author Comment

by:COwebmaster
ID: 39924632
Okay, I tried that but did not get any error and the page redirects to https which is good.
0
 

Author Comment

by:COwebmaster
ID: 39924637
Okay, I added that bit in and other pages now redirect to http :)
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39924641
OK, great. Although I still don't know why the print_r does not kick in...
0
 

Author Closing Comment

by:COwebmaster
ID: 39924669
Thank you!!
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39924684
Glad I could help!
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Because your company can’t afford for you to make SEO mistakes, you’ll want to ensure you’re taking the right steps each and every time you post a new piece of content. This list of optimization do’s and don’ts can help you become an SEO wizard.
Dramatic changes are revolutionizing how we build and use technology. Every company is automating, digitizing, and modernizing operations. We need a better, more connected way to work together as teams so we can harness the insights from our system…
The purpose of this video is to demonstrate how to set up the permalinks on a WordPress Website. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp-login.php : Go t…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question