Monthly Archives: November 2011

WordPress, HTTPS, CDN and W3 Total Cache

I’ve worked with a few sites recently that use HTTPS to secure certain parts of there site and also a couple of pages here are SSL protected due to the data captured. If you use the W3 Total Cache plugin like I do, and I really recommend that you do if you have a wordpress site, and make use of its CDN functionality, you might hit the following snag:

My CDN provider doesnt provide a HTTPS endpoint or its different to my normal CDN URL

the simple solution to this would be, to force loading of cdn assets via HTTP like so:

 

 

 

 

This has one other issue

Why dont i see the Blue/Green Bar?

That’s because your loading HTTP assets on a HTTPS page, for some this is an acceptable tradeoff. but for some this is bar is a must to convey trust to users. Thankfully the solution is fairly simple, Disable the CDN on SSL pages. To disable the CDN on SSL pages only add the following code snippet to your themes functions.php file, this snippet requires the W3TC plugin to be enabled and working to work as its code that tells W3TC: “hey, don’t load the cdn on this page!”

add_action('wp_head','nocdn_on_ssl_page');
function nocdn_on_ssl_page() {
if ($_SERVER['HTTPS'] == "on") {
define('DONOTCDN', true);
}
}

reload an SSL page and watch the address bar and do a view source to see the results!

Nginx and SSL – PHP Redirect Loops

Small post, I’ve been struggling a little with getting ssl to work reliably with https. specifically relating to the following piece of code:

fastcgi_param   HTTPS   on;

Lets wind back, I can get HTTPS working with nginx no problem and the above provided I do the following, maintain 2 vhosts for the same domain, one for http and one for https. The only difference is that the above line is present in the HTTPS vhost’s PHP block.

However thats messy, I either have to maintain 2 vhosts or then deal with extra includes, which just asks for trouble to maintain. Nginx has supported combined HTTP and HTTPS vhosts for some time, so I looked at how I could make this work within a combined vhost. with a little bit of IF magic (yes I know ifisevil) I can add the following to my fastcgi_params file and just forget about it 🙂

set $ssl off;

if ($ssl_protocol != "" ) {
set $ssl on;
}

fastcgi_param   HTTPS                   $ssl;

Now PHP scripts will correctly detect SSL status and work correctly, no nasty redirect loops (particularly with WordPress) and nice clean vhosts and easy management. Hopefully the great team at Nginx can convert this bit of code into an actual variable in the SSL module which would probably be faster at higher traffic levels