Today we started the process of moving Buy Area Rug Pads and Only Mohawk Rug pads sites which are WordPress Woocommerce websites (which of course require and SSL certificate) to a new hosting service with Rackspace. We set up our new hosting, Cloud Server, to use load balancers in front of the server to do the SSL encryption and so that it is scalable later on.
Problem with WordPress and SSL on the Load Balancer
Once we made a site live, we tested it, and found that it looked HORRIBLE! After a little more research this is what we found: the site looked fine until you added an item to the cart and then clicked on Checkout which forced an https page, like normal. The https page looked terrible! Then, if the visitor decided they were not ready to check out but instead clicked on another page, the following pages were returning with the SSL cert (https://) instead of returning to non-secure pages. All of those https pages looked terrible.
This is what the checkout page should have looked like:
Here is what it looked like! YIKES!!!! What the heck! – Why is the image there? The header is all squished to the left! And the page went all the way to the edges with no border – hard to tell here but it was bad.
After you clicked on the logo to go home, here is what it SHOULD have looked like on another site – nice footer is blue (you can’t see that but it is blue), nice sortable tabs for thickness size, header image at top and header across the page:
BUT this is what the home page on httpS:// looked like! Yikes again!!
Clearly, something was wrong.
Fixing the problem of SSL on a Load Balancer with a WordPress or Magento site:
The awesome Rackspace tech, Richard Harwood, figured it out. He originally figured out a WordPress core fix, but you know that that is not sustainable – as soon as we would upgrade WordPress the fix would be overwritten. So he did his homework and found that another Rackspace install using Magento had a similar issue but the fix was the same!
[content_box color=”red”]
The fix is to add the following line of code to your .htaccess file
SetEnvIf X-Forwarded-Proto https HTTPS=on
[/content_box]
This is from the ticket that Richard wrote with the explanation of why this works:
[content_box color=”default”]
Thank you for calling in and speaking with me today. Your issue was that SSL pages were not displaying correcting on your wordpress sites that had been migrated from cloud sites.
The crux of the issue is that your load balancer is decrypting SSL traffic and causing wordpress to enter a HTTP>HTTPS redirect loop.
I applied a temporary fix to the wordpress code to properly check to see if the original request was SSL or not. This fix worked but neither of us were satisfied and wanted something more permanent that wasn’t going to break when the wordpress code was updated.
After doing some further research I believe I have found a better alternative. I added the following line to the .htaccess file in your document root:
SetEnvIf X-Forwarded-Proto https HTTPS=on
This makes wordpress believe that the original request is over SSL by setting a server variable that would normally be set if the server itself received the SSL request directly (instead of the load balancer).
This fix does not alter any wordpress code and I have verified that it works on your onlymohawkrugpads site. I have not modified any other sites since you mentioned that you were waiting for this fix before migrating any further sites.
You requested a call back on number 203-984-7444 which I will do so momentarily.
Please let us know if you have any questions or require further assistance with anything.
Thank you,
Richard Harwood
Linux Administration
Rackspace Managed Cloud Support
[/content_box]
Now, tell me, is that not awesome support or what. Hope this helps some others of you out there!!!!!
Read More in this Category:
Hungry for More Information?
Contact us to find out how we can leapfrog your online presence to where you want to be!
Set up a 15 minute call today using the button below, or fill out the form here!