WordPress » WordPress Behind SSL and NGINX Reverse Proxy

h1. Wiki

If WordPress is unable to determine when requests are made over HTTPS, causing it to be incapable of serving HTTPS-specific content. 

Web browsers nowadays usually prohibit loading insecure content within pages that are accessed via HTTPS, which results in predictable issues.

See [[SSL Insecure Content Fixer]]

The the fix is in wp-config.php add the following, you must place that code BEFORE anything else, except for the beginning PHP tag.

<pre>

if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {

  $_SERVER['HTTPS'] = 'on';

} 

</pre>

And in the NGINX config Add,

<pre>

server {

    listen 443;

    server_name blog.ldev.app;

    ssl on;     ssl_certificate /etc/pve/local/nginx/ldev-ssl.pem;

    ssl_certificate_key /etc/pve/local/nginx/ldev-ssl.key;

    proxy_redirect off;

    location / {

        proxy_set_header        Host $host:$server_port;

        proxy_set_header        X-Real-IP $remote_addr;

        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header        X-Forwarded-Proto $scheme;

        proxy_pass http://*YOUR IP AND PORT*;

    }

}

</pre>

If your using Nginx Proxy Manager point to the root dir in Custom locations, and in the Advanced tab, use the Custom Nginx Configuration below 

<pre>

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $remote_addr;

proxy_set_header X-Forwarded-Proto $scheme;

 proxy_set_header X-Forwarded-Host $host;

proxy_set_header X-Forwarded-Server $host;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

</pre>

Here's what each directive does:

proxy_set_header Host $host;: Sets the value of the "Host" header to the value of the requested server name. This header is important for web servers to correctly route the incoming request to the correct virtual host.

proxy_set_header X-Real-IP $remote_addr;: Sets the value of the "X-Real-IP" header to the IP address of the client that initiated the request. This header is commonly used by application servers to identify the IP address of the client.

proxy_set_header X-Forwarded-For $remote_addr;: Sets the value of the "X-Forwarded-For" header to the IP address of the client that initiated the request. This header is commonly used by web servers to log the IP addresses of the clients that accessed the server through a proxy.

proxy_set_header X-Forwarded-Proto $scheme;: Sets the value of the "X-Forwarded-Proto" header to either "http" or "https", depending on the protocol used by the client to access the reverse proxy server. This header is important for application servers to generate correct links and redirects.

proxy_set_header X-Forwarded-Host $host;: Sets the value of the "X-Forwarded-Host" header to the requested server name. This header is important for application servers that rely on the "Host" header to generate links and redirects.

proxy_set_header X-Forwarded-Server $host;: Sets the value of the "X-Forwarded-Server" header to the requested server name. This header is important for application servers to identify the name of the reverse proxy server that forwarded the request.

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;: Sets the value of the "X-Forwarded-For" header to a comma-separated list of IP addresses. This directive appends the IP address of the proxy server to the existing value of the "X-Forwarded-For" header, creating a chain of IP addresses that the request passed through. This is useful for debugging and auditing purposes.