Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 540
  • Last Modified:

Force https on Wordpress page

Hi there.  I have a wordpress site but want to force a page to go over https.  I found a script that I placed inside my functions.php page but it breaks the page.  The script is:

$using_ssl = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || $_SERVER['SERVER_PORT'] == 443;
add_action('wp', 'check_ssl');
function check_ssl()
{
// Page ID 153 must be https
if (is_page(153) && !$using_ssl)
{
header('HTTP/1.1 301 Moved Permanently');
header('Location: https://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}
// All other pages must not be https
else if (!is_page(153) && $using_ssl)
{
header('Location: http://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}
}

Open in new window


... page id is 153 on my site that I need over https.  Any ideas experts?
0
COwebmaster
Asked:
COwebmaster
  • 10
  • 9
  • 4
2 Solutions
 
Dan CraciunIT ConsultantCommented:
Can you output the contents of $using_ssl? I suspect that's your problem.
$using_ssl = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || $_SERVER['SERVER_PORT'] == 443;
echo '<pre>';
print_r($using_ssl);
echo '</pre>';

Open in new window

HTH,
Dan
0
 
Ray PaseurCommented:
Those compound statements are always confusing.  I think I might want to deconstruct the SSL test online 1 into something like this.

$using_ssl = FALSE;
if ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ) $using_ssl = TRUE;
if ( $_SERVER['SERVER_PORT'] == 443 )                        $using_ssl = TRUE;

Open in new window

You might also want to put the variable definition inside the function, to encapsulate it, so it does not interfere with other code.
0
 
Ray PaseurCommented:
I think I might try it like this.  If it's not page 153, don't mess with it.

add_action('wp', 'check_ssl');
function check_ssl()
{
    // ARE WE USING SSL?
    $using_ssl = FALSE;
    if ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ) $using_ssl = TRUE;
    if ( $_SERVER['SERVER_PORT'] == 443 )                        $using_ssl = TRUE;

    // Page ID 153 must be https
    if (is_page(153) && !$using_ssl)
    {
        header('HTTP/1.1 301 Moved Permanently');
        header('Location: https://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
        exit;
    }
    // All other pages MUST NOT BE INTERFERED WITH
}

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Dan CraciunIT ConsultantCommented:
Ray, what happens when you navigate away from the page with id 153? Won't Wordpress still use https?

I think that was the reason for the else clause (All other pages must not be https)

Dan
0
 
Ray PaseurCommented:
Good question, Dan.  I'm not sure what would happen; I guess it would depend on whether there are fully-qualified links or relative links.  And I'm not sure I would try to put just one page behind HTTPS, especially not in a design like WP.  The trend among web sites seems to go all HTTPS today.
0
 
COwebmasterAuthor Commented:
Ray, is that trend because of the changes in the search engines?
0
 
Ray PaseurCommented:
I can't really say about the search engines.  I know that spying, government and otherwise, is a great concern to web publishers and encrypted communications reduces the risk of accidental loss of data.  The HTTPS pages get different treatment from web browsers (shown with visual cues like pictures of locks, etc.) and this may reassure clients that the pages are safe(r) to use than HTTP pages.
0
 
COwebmasterAuthor Commented:
Ray, I just tried that and it did not force the page to go over https.

The reason I am doing that is because the page is collecting cc information and I want to force the user to use ssl on that page only.

Any other ideas?
0
 
Dan CraciunIT ConsultantCommented:
Are you sure you've configured your server correctly for https? Certificate imported correctly and all?

Cause it fails 99% because $using_ssl = FALSE, which means your server does not support HTTPS.

Dan
0
 
COwebmasterAuthor Commented:
it's godaddy hosting the the cert is installed correctly.
0
 
Dan CraciunIT ConsultantCommented:
Call me stubborn, but I still want to see the value of  $using_ssl.
Just print that variable's value before calling the redirect:
print_r($using_ssl);

Then, if the value printed is false, you know the problem is with the server.
If no value is printed, then you know that function is never called, so the problem is within WP.
0
 
COwebmasterAuthor Commented:
where in the functions.php page do I call that and do I use that with Ray's code above?
0
 
Dan CraciunIT ConsultantCommented:
You can use Ray's code and add, on line 8:
print_r($using_ssl);

After that you should get a blank page with TRUE OR FALSE at the top and a "Headers already sent" error below.
0
 
COwebmasterAuthor Commented:
okay, I see this:

1
Warning: Cannot modify header information - headers already sent by (output started at /home/account/public_html/wp-content/themes/sentinel/functions.php:595) in /home/account/public_html/wp-includes/pluggable.php on line 896
0
 
COwebmasterAuthor Commented:
Okay, I think I see it working now.
0
 
COwebmasterAuthor Commented:
although if I go to other pages over https, they do not automatically redirect to http

What should I adjust in Ray's code so that it does that?
0
 
Dan CraciunIT ConsultantCommented:
OK, progress. $using_ssl is 1 (true) and Ray's function is called.
Delete the print_r from line 8.

Now insert the
print_r($using_ssl);
line after between lines 11 and 12.

Expected output: the same as before.
If you see an error, that means the code gets to the header part and we have to find the error there.

If you do not see an error, the problem is in the condition if (is_page(153) && !$using_ssl)
0
 
Dan CraciunIT ConsultantCommented:
If you want to redirect all other https to http, insert this before line 17 (the closing })

else if (!is_page(153) && $using_ssl)
{
header('Location: http://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}

Open in new window

0
 
COwebmasterAuthor Commented:
Okay, I tried that but did not get any error and the page redirects to https which is good.
0
 
COwebmasterAuthor Commented:
Okay, I added that bit in and other pages now redirect to http :)
0
 
Dan CraciunIT ConsultantCommented:
OK, great. Although I still don't know why the print_r does not kick in...
0
 
COwebmasterAuthor Commented:
Thank you!!
0
 
Dan CraciunIT ConsultantCommented:
Glad I could help!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 10
  • 9
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now