WordPress behind an nginx SSL reverse proxy

/etc/nginx/conf.d/ssl.conf (inside the ssl server block)

location /blog/ {
  proxy_pass http://backend:8081/;
  proxy_set_header X-Forwarded-Host $host;
  proxy_set_header X-Forwarded-Proto $scheme;
}

Add this to wp-config.php

/**
 * Handle SSL reverse proxy
 */
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
    $_SERVER['HTTPS']='on';

if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
    $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
}

If the URI on the proxy is different than the URI on the backend, add this to wp-config.php too

$_SERVER['REQUEST_URI'] = "/blog".$_SERVER['REQUEST_URI'];

where “/blog” is the URI prefix on the proxy

8 thoughts on “WordPress behind an nginx SSL reverse proxy”

  1. I applied this and it seems to work with one serious flaw. Now I can’t access mydomain.com/wp-admin. I now get, “You do not have sufficient permissions to access this page.” Any ideas?

    1. Yeah, this wasn’t a really detailed post was it? 🙂

      I have since found it is better for the URI to match between the proxy and backend. In other words, put wordpress in /blog in the document root of the backend. Otherwise the wp-admin redirection freaks out.

  2. Thank you!

    This works like a charm XD

    My SSL with Nginx is configured by certbot, which did not add
    “`
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    “`

  3. Adding:

    SetEnvIf X-Forwarded-Proto “^https$” HTTPS=on

    To http Apache behind https nginx worked for me. Otherwise, WordPress wouldn’t load most scripts correctly.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.