Last active
August 19, 2017 08:06
-
-
Save vincenzo/2c7ab3ba98da564889cec49de48b6fdf to your computer and use it in GitHub Desktop.
Enforce HTTPS for WP on Pantheon.io
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // ... | |
| /** A couple extra tweaks to help things run well on Pantheon. **/ | |
| if (isset($_SERVER['HTTP_HOST'])) { | |
| // HTTPS is now the default scheme. | |
| $scheme = 'https'; | |
| $base_url = $scheme . '://' . $_SERVER['HTTP_HOST']; | |
| define('WP_HOME', $base_url); | |
| define('WP_SITEURL', $base_url); | |
| // Enforce HTTPS. | |
| if (!isset($_SERVER['HTTP_USER_AGENT_HTTPS']) || $_SERVER['HTTP_USER_AGENT_HTTPS'] != 'ON') { | |
| header('HTTP/1.0 301 Moved Permanently'); | |
| header('Location: ' . $base_url . $_SERVER['REQUEST_URI']); | |
| exit(); | |
| } | |
| } | |
| // ... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // ... | |
| /** A couple extra tweaks to help things run well on Pantheon. **/ | |
| if (isset($_SERVER['HTTP_HOST'])) { | |
| // HTTP is still the default scheme for now. | |
| $scheme = 'http'; | |
| // If we have detected that the end use is HTTPS, make sure we pass that | |
| // through here, so <img> tags and the like don't generate mixed-mode | |
| // content warnings. | |
| if (isset($_SERVER['HTTP_USER_AGENT_HTTPS']) && $_SERVER['HTTP_USER_AGENT_HTTPS'] == 'ON') { | |
| $scheme = 'https'; | |
| } | |
| define('WP_HOME', $scheme . '://' . $_SERVER['HTTP_HOST']); | |
| define('WP_SITEURL', $scheme . '://' . $_SERVER['HTTP_HOST']); | |
| } | |
| // ... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/wp-config.php b/wp-config.php | |
| index 4639ada8..36786193 100755 | |
| --- a/wp-config.php | |
| +++ b/wp-config.php | |
| @@ -67,16 +67,18 @@ else: | |
| /** A couple extra tweaks to help things run well on Pantheon. **/ | |
| if (isset($_SERVER['HTTP_HOST'])) { | |
| - // HTTP is still the default scheme for now. | |
| - $scheme = 'http'; | |
| - // If we have detected that the end use is HTTPS, make sure we pass that | |
| - // through here, so <img> tags and the like don't generate mixed-mode | |
| - // content warnings. | |
| - if (isset($_SERVER['HTTP_USER_AGENT_HTTPS']) && $_SERVER['HTTP_USER_AGENT_HTTPS'] == 'ON') { | |
| - $scheme = 'https'; | |
| + // HTTPS is now the default scheme. | |
| + $scheme = 'https'; | |
| + $base_url = $scheme . '://' . $_SERVER['HTTP_HOST']; | |
| + define('WP_HOME', $base_url); | |
| + define('WP_SITEURL', $base_url); | |
| + | |
| + // Enforce HTTPS. | |
| + if (!isset($_SERVER['HTTP_USER_AGENT_HTTPS']) || $_SERVER['HTTP_USER_AGENT_HTTPS'] != 'ON') { | |
| + header('HTTP/1.0 301 Moved Permanently'); | |
| + header('Location: ' . $base_url . $_SERVER['REQUEST_URI']); | |
| + exit(); | |
| } | |
| - define('WP_HOME', $scheme . '://' . $_SERVER['HTTP_HOST']); | |
| - define('WP_SITEURL', $scheme . '://' . $_SERVER['HTTP_HOST']); | |
| } | |
| // Don't show deprecations; useful under PHP 5.5 | |
| error_reporting(E_ALL ^ E_DEPRECATED); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment