wordpress is auto using http: not https: as it needs to because the server is http behind a reverse proxy https, how do I stop it?

I have a fix, I am not happy with it but it works:

I added define('FORCE_SSL_ADMIN', true); to wp-config.php

Then I changed this method is_ssl() in /wp-includes/load.php to this. I think to avoid this bug, the define('FORCE_SSL_ADMIN', true); check should have be used by the developers.

I added the line if( defined( FORCE_SSL_ADMIN ) ) return FORCE_SSL_ADMIN;

/**
 * Determines if SSL is used.
 *
 * @since 2.6.0
 * @since 4.6.0 Moved from functions.php to load.php.
 *
 * @return bool True if SSL, otherwise false.
 */
function is_ssl() {
    if( defined( FORCE_SSL_ADMIN ) ) return FORCE_SSL_ADMIN;
    if ( isset( $_SERVER['HTTPS'] ) ) {
        if ( 'on' === strtolower( $_SERVER['HTTPS'] ) ) {
            return true;
        }

        if ( '1' == $_SERVER['HTTPS'] ) {
            return true;
        }
    } elseif ( isset( $_SERVER['SERVER_PORT'] ) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
        return true;
    }
    return false;
}

PS: I think it is a bug because the code does not operate under a principle know as single source of truth

Related Posts:

  1. Properly setting up a “default” nginx server for https
  2. https connection using CURL from command line
  3. Simple Java HTTPS server
  4. HTTPS connection Python
  5. Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  6. Issues with installing python libraries on Windows : CondaHTTPError: HTTP 000 CONNECTION FAILED for url
  7. WordPress wp-admin https redirect loop
  8. Local version of a WordPress site – SSL/HTTPS enforced?
  9. bloginfo() and get_template_directory_uri() with SSL?
  10. After updating site to use SSL all images in posts point to http://
  11. Adding https to wordpress website
  12. WordPress redirect loop on nginx + apache reverse proxy
  13. SSL setup: wp-login css doesn’t load over httpS
  14. In WP versions >= 4.0, is FORCE_SSL_LOGIN forcing HTTPS for the entire admin session?
  15. Occasional HTTPS Mixed Content Warning
  16. Divert http to https with WordPress on IIS
  17. WordPress : To load all asset files coming from HTTP to HTTPS?
  18. Infinite loop behind SSL proxy on non-standard port
  19. I changed my site from HTTPS back to HTTP and now it is broken- Cannot access Admin panel on HTTP URL
  20. un-loading https
  21. WordPress site shows “File not found.” if opened through https
  22. Address a single page to SSL https secure protocol?
  23. wordpress http to https windows server
  24. Jetpack “Connect to WordPress” serving insecure content under HTTPS
  25. Allow non-SSL pages to use https or Force non-SSL pages to http?
  26. Website access with http and https
  27. Need ideas for HTTPS multiple domain solution
  28. Redirect the whole blog to SSL but not the RSS feed (under Nginx)
  29. How to control SSL in WordPress for automatically changing http to https?
  30. All content is HTTPS, but browsers warn of HTTP mixed content [closed]
  31. How do I handle SSL properly when WP is behind a reverse proxy?
  32. Hi do I change Media files that still show as http after installing ssl
  33. ERR_TOO_MANY_REDIRECTS on wordpress page [closed]
  34. URLs not being output with https
  35. Website Migration (with https) to a new domain(http)
  36. How to move my local wordpress to https?
  37. Why does WordPress uses HTTPS for JS, CSS on EC2
  38. Implications of not completing all tasks when switching to HTTPS
  39. SSL Certificate
  40. Front-end pages messed up due to HTTPS
  41. How to send user data from one website to another
  42. How come all my http URLs are turned to https?
  43. Forcing SSL (Bad Theme coding)
  44. How to switch static files back to using HTTP instead of HTTPS?
  45. My WordPress site SSL is in red crossed color and can’t load at first time?
  46. SSL/HTTPS Redirect Loop
  47. The plain HTTP request was sent to HTTPS port in wordpress [closed]
  48. iHow to redirect all http traffic to https now that a SSL certificate is added?
  49. How to force static assets with HTTP sources to load over HTTPS?
  50. Moving WordPress from http to https over existing site
  51. WordPress stuck at Step 1 of setup behind nginx reverse proxy
  52. Remove “www” and redirect to “https” with nginx
  53. Changing my URL in General Settings cause the site to crash
  54. SSL Error: unable to get local issuer certificate
  55. Curl command for https ( SSL )
  56. Java Keytool error after importing certificate , “keytool error: java.io.FileNotFoundException & Access Denied”
  57. Is it safe to use sslverify => true for with wp_remote_get/wp_remote_post
  58. Disable SSL / HTTPS for wordpress
  59. WordPress is Inserting images into Post as HTTP and not HTTPS
  60. WordPress behind Proxy – Mixed Content
  61. What’s the right move with SSL for user based site?
  62. Serve HTTPS requests from subdomain
  63. Add New Sub Site from the WordPress back end then in sub site options table option_value must be with https
  64. Make default new sites https (multisite)
  65. I am locked out of my WordPress site after changing site URL from Http to Https
  66. Locked out of WordPress Site Admin after enabling Force SSL on WordPress Https (SSL)
  67. https multiple redirects
  68. How to properly force https and www on multisite with Apache HTAccess
  69. SSL Certificate and WordPress
  70. Gravity Forms not loading under https, jQuery is not defined
  71. Pointing SSL Enabled URL at Single WordPress Page
  72. Google maps causing mixed content in header
  73. 403 error on admin login page
  74. Cloudflare and SSL breaks wordpress – Mixed Content & Unable to use Admin
  75. Moving from http to https, and www. to non-www URL
  76. Certain header elements not served over https
  77. Locked out of admin and some pictures don’t show after failed SSL installation
  78. WordPress 4.0 Forces entire site into SSL
  79. SSL via different domain & path with NGINX/PHP-FPM/WP
  80. Generate HTTPS Urls in multisite
  81. How do I find non-SSL problems on my SSL page?
  82. How to get Caching Plug-ins to work on localhost with HTTPS?
  83. How to protect login via SSL but not the rest of the dashboard
  84. How to enable http (not just https) in wordpress?
  85. 301 Redirect Loop www to non-www – Nginx + Apache2
  86. WordPress Multisite keeps redirecting to HTTPS
  87. I get “too many redirects” problem when migrating localhost site
  88. Problem forcing San SSL certificate on WordPress
  89. I just updated my SSL certificate and now my site looses formatting when
  90. Core update of 4.2.3 changes all link to https [duplicate]
  91. Not logged in when using http
  92. WordPress and SSL
  93. Access wordpress pages using a self signed shared ssl
  94. SSL problems with WordPress
  95. Rewrite old post images to https
  96. ‘Too many redirects’ error after changing site URL in WordPress [closed]
  97. What are some best practices to clean up http mix content warnings?
  98. Is there a reason to use an SSL certificate other than Let’s Encrypt’s free SSL?
  99. Does each server behind a load balancer need their own SSL certificate?
  100. How to force HTTP and stop SSL completey on WordPress website