Solved

Force https on Wordpress page

Posted on 2014-03-11
23
523 Views
Last Modified: 2014-03-12
Hi there.  I have a wordpress site but want to force a page to go over https.  I found a script that I placed inside my functions.php page but it breaks the page.  The script is:

$using_ssl = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || $_SERVER['SERVER_PORT'] == 443;
add_action('wp', 'check_ssl');
function check_ssl()
{
// Page ID 153 must be https
if (is_page(153) && !$using_ssl)
{
header('HTTP/1.1 301 Moved Permanently');
header('Location: https://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}
// All other pages must not be https
else if (!is_page(153) && $using_ssl)
{
header('Location: http://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}
}

Open in new window


... page id is 153 on my site that I need over https.  Any ideas experts?
0
Comment
Question by:COwebmaster
  • 10
  • 9
  • 4
23 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39922767
Can you output the contents of $using_ssl? I suspect that's your problem.
$using_ssl = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' || $_SERVER['SERVER_PORT'] == 443;
echo '<pre>';
print_r($using_ssl);
echo '</pre>';

Open in new window

HTH,
Dan
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39923341
Those compound statements are always confusing.  I think I might want to deconstruct the SSL test online 1 into something like this.

$using_ssl = FALSE;
if ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ) $using_ssl = TRUE;
if ( $_SERVER['SERVER_PORT'] == 443 )                        $using_ssl = TRUE;

Open in new window

You might also want to put the variable definition inside the function, to encapsulate it, so it does not interfere with other code.
0
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 250 total points
ID: 39923359
I think I might try it like this.  If it's not page 153, don't mess with it.

add_action('wp', 'check_ssl');
function check_ssl()
{
    // ARE WE USING SSL?
    $using_ssl = FALSE;
    if ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ) $using_ssl = TRUE;
    if ( $_SERVER['SERVER_PORT'] == 443 )                        $using_ssl = TRUE;

    // Page ID 153 must be https
    if (is_page(153) && !$using_ssl)
    {
        header('HTTP/1.1 301 Moved Permanently');
        header('Location: https://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
        exit;
    }
    // All other pages MUST NOT BE INTERFERED WITH
}

Open in new window

0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39923373
Ray, what happens when you navigate away from the page with id 153? Won't Wordpress still use https?

I think that was the reason for the else clause (All other pages must not be https)

Dan
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39923421
Good question, Dan.  I'm not sure what would happen; I guess it would depend on whether there are fully-qualified links or relative links.  And I'm not sure I would try to put just one page behind HTTPS, especially not in a design like WP.  The trend among web sites seems to go all HTTPS today.
0
 

Author Comment

by:COwebmaster
ID: 39923699
Ray, is that trend because of the changes in the search engines?
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39923736
I can't really say about the search engines.  I know that spying, government and otherwise, is a great concern to web publishers and encrypted communications reduces the risk of accidental loss of data.  The HTTPS pages get different treatment from web browsers (shown with visual cues like pictures of locks, etc.) and this may reassure clients that the pages are safe(r) to use than HTTP pages.
0
 

Author Comment

by:COwebmaster
ID: 39924495
Ray, I just tried that and it did not force the page to go over https.

The reason I am doing that is because the page is collecting cc information and I want to force the user to use ssl on that page only.

Any other ideas?
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39924512
Are you sure you've configured your server correctly for https? Certificate imported correctly and all?

Cause it fails 99% because $using_ssl = FALSE, which means your server does not support HTTPS.

Dan
0
 

Author Comment

by:COwebmaster
ID: 39924538
it's godaddy hosting the the cert is installed correctly.
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39924552
Call me stubborn, but I still want to see the value of  $using_ssl.
Just print that variable's value before calling the redirect:
print_r($using_ssl);

Then, if the value printed is false, you know the problem is with the server.
If no value is printed, then you know that function is never called, so the problem is within WP.
0
 

Author Comment

by:COwebmaster
ID: 39924561
where in the functions.php page do I call that and do I use that with Ray's code above?
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39924575
You can use Ray's code and add, on line 8:
print_r($using_ssl);

After that you should get a blank page with TRUE OR FALSE at the top and a "Headers already sent" error below.
0
 

Author Comment

by:COwebmaster
ID: 39924598
okay, I see this:

1
Warning: Cannot modify header information - headers already sent by (output started at /home/account/public_html/wp-content/themes/sentinel/functions.php:595) in /home/account/public_html/wp-includes/pluggable.php on line 896
0
 

Author Comment

by:COwebmaster
ID: 39924605
Okay, I think I see it working now.
0
 

Author Comment

by:COwebmaster
ID: 39924611
although if I go to other pages over https, they do not automatically redirect to http

What should I adjust in Ray's code so that it does that?
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39924620
OK, progress. $using_ssl is 1 (true) and Ray's function is called.
Delete the print_r from line 8.

Now insert the
print_r($using_ssl);
line after between lines 11 and 12.

Expected output: the same as before.
If you see an error, that means the code gets to the header part and we have to find the error there.

If you do not see an error, the problem is in the condition if (is_page(153) && !$using_ssl)
0
 
LVL 34

Assisted Solution

by:Dan Craciun
Dan Craciun earned 250 total points
ID: 39924627
If you want to redirect all other https to http, insert this before line 17 (the closing })

else if (!is_page(153) && $using_ssl)
{
header('Location: http://' . $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
exit;
}

Open in new window

0
 

Author Comment

by:COwebmaster
ID: 39924632
Okay, I tried that but did not get any error and the page redirects to https which is good.
0
 

Author Comment

by:COwebmaster
ID: 39924637
Okay, I added that bit in and other pages now redirect to http :)
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39924641
OK, great. Although I still don't know why the print_r does not kick in...
0
 

Author Closing Comment

by:COwebmaster
ID: 39924669
Thank you!!
0
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39924684
Glad I could help!
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
Does your audience prefer people in photos or no people? How can you best highlight what you’re selling? What are your competitors doing, and what can you do that is different and unique from them?  Continue reading to learn how to make your images …
The purpose of this video is to demonstrate how to integrate Mailchimp with WordPress, by placing a Mailchimp signup form on a WordPress Page or Post. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchi…
The viewer will learn how to dynamically set the form action using jQuery.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question