Ask your WordPress questions! Pay money and get answers fast! (more info)

forcing https and https links WordPress

I am looking for a way to force a page to use the https version. I am hoping that this can be achieved on a template basis by either adding code to the template itself or to a custom header for that template.

The code should force the page to redirect from http to https and it should also deliver any images on that page in https, only the images should be delivered in https as I don't want to offer up new https links to other pages that could cause duplicate content issues.

I don't want to use a plugin for this as currently I only need this on one page that has its own dedicated template.

Answers (3)

2013-03-27

webGP answers:

Hello!

For redirect page from http to https just put the code below into first line of your custom heder file:

if($_SERVER["HTTPS"] != "on") {
header("HTTP/1.1 301 Moved Permanently");
header("Location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
exit();
}


For urls to images i think you can put all of your code into php variable and use preg_replace, but i'm not sure, that is best solution.


julesphoto comments:

Thanks for offering some ideas. This does force https but it also forces all the links on the page to become https:

"only the images should be delivered in https as I don't want to offer up new https links to other pages that could cause duplicate content issues"

2013-03-28

Navjot Singh answers:

Try using this plugin: [[LINK href="http://wordpress.org/extend/plugins/wordpress-https/"]]WordPress HTTPS[[/LINK]] This can help you force all links hosted on your site to go secure which will include images as well.


Navjot Singh comments:

Just read that you don't need a plugin. You can try this code in your theme's function.php

function wp8204_ssl_template_redirect() {
if ( is_page( 123 ) && ! is_ssl() ) {
if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']), 301 );
exit();
} else {
wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 301 );
exit();
}
}
}
add_action( 'template_redirect', 'wp8204_ssl_template_redirect', 1 );


where 123 is your page id. You can even replace is_page( 123 ) with is_page_template('theme_template.php') if you are targetting a specific template.


julesphoto comments:

This also forces https but it also forces all the links on the page to become https:

"only the images should be delivered in https as I don't want to offer up new https links to other pages that could cause duplicate content issues"


Navjot Singh comments:

Try this code

function wp8204_filterGetAttachUrl($url) {
// only fix if source URL starts with http://
if (stripos($url, 'http://') === 0) {
$url1 = str_ireplace('http://', 'https://', $url);
}
return $url1;
}

add_filter('wp_get_attachment_url', 'wp8204_filterGetAttachUrl', 100);


This will replace links of all images attached via Media editor.


julesphoto comments:

All these solutions serve https but I still remain with the problem of not all elements being given https links. In particular there are plugins that are not served with https and so these trigger warnings when visiting the page especially in Internet Explorer.

Most of the plugins are not needed on the https page so I guess it would be possible to specify the page template and deregister all non essential items on that page.

2013-03-30

Clifford P answers:

Personally, I'd change Navjot's code from this:

Replace <strong>http://</strong> with <strong>https://</strong>

to this:

Replace <strong>http://</strong> with <strong>//</strong>


That way, if the page is served via http, the image will be http. And if the page is served via https, the image will be https.

Check out this article: [[LINK href="https://managewp.com/wordpress-ssl-settings-and-how-to-resolve-mixed-content-warnings"]]https://managewp.com/wordpress-ssl-settings-and-how-to-resolve-mixed-content-warnings[[/LINK]]




Edit:

I wish WordPress uploaded images like this by default.

Just re-read your question. If you just need 1 page to be SSL/HTTPS, then just switch from Visual Editor to HTML Editor and remove all <strong>http:</strong> from img src and you're done.