10

Let me explain our architecture first.

www.example.com CNAME points to cloudfront distribution (d3xxxxx.cloudfront.net)

Origin for the cloudfront: route.example.com. We had select **Whitelist Headers ** as HOST in cloudfront distribution

SSL installed on Cloudfront for the domain : www.example.com

route.domain.com points to Google cloud server which has apache webserver and wordpress installed.

Issue 1. When we hit the URL www.example.com without applying SSL certificate, the home page loads www.example.com however internal links redirecting to 'route.example.com' instead of www.example.com. We believe its because of siteurl on wordpress uses route.example.com

Issue 2. After applying SSL certificate on cloudfront, when we hit the URL 'https://www.example.com', the website ended up too many redirects

We have tried the URL "WordPress + CloudFront Flexible SSL ends up in redirect loop (https)" and it doesn't seems to be helping us.

Goal: We want www.example.com to use cloudfront distribution along with SSL and doesnt want to expose webserver to enduser. The origin of the cloudfront should be route.example.com which will have wordpress application.

Any help would be appreciated.

Pheonix Solutions
  • 151
  • 1
  • 7

3 Answers3

28

We had a similar problem. In our case though we weren't using a custom domain name but the CloudFront URL.

To get HTTPS to work correctly we had to do two things:

  1. Make sure the CloudFront-Forwarded-Proto header is forwarded in all cache behaviors, including the default cache behavior.

  2. Add the following code snippet to wp-config.php before require_once( ABSPATH . 'wp-settings.php' );:

    if (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'])
  && $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] === 'https') {
  $_SERVER['HTTPS'] = 'on';
}

The code snippet essentially tells WordPress that we're running behind a reverse proxy. This gets it to respond to HTTPS requests correctly.

vlence
  • 405
  • 4
  • 8
  • Thanks for your inputs – Pheonix Solutions Apr 30 '19 at 11:11
  • Works perfectly. Life saver. – Mate Hegedus Aug 25 '20 at 18:03
  • Not worked for me. any other suggestion – Avinash Dalvi Mar 28 '22 at 07:49
  • I have spent the last couple days trying to get CloudFront to work in front of our service. THIS is the key to it! THANK YOU SO MUCH! I had to so something similar with the ALB but I didn't even think that CloudFront would have a different header... looking back, it's so obvious. – Jeremy Apr 28 '22 at 18:02
  • vlence - whoever you are, wherever you are - just know you have solved a whole load of pain for me! Thanks a ton – Sean Feb 09 '23 at 03:48
  • It worked. I had wordpress site installed on AWS in subfolder. I was getting mixed content error and too many redirects on accessing admin panel. This code snippet solved issue. – Suraj Jun 29 '23 at 12:32
1

Cloudfront Distribution SettingsI know this is old but I found one cause of this to be if you set the default root object on your distribution to "index.php" for a wordpress site, it will cause these infinite redirects.

Leave this optional parameter blank if your caching a wordpress site!

R Soph
  • 11
  • 2
0

I know this is an old question, but, as I ended up here I thought I'd post my mistake! We are using Lightsail.

At the bottom of the details page of your distribution you can set how it pulls content from your source. We had it set to http when our site in fact is https (as I expect most people's is). Changing this fixed the redirect issue.

enter image description here

phil
  • 4,668
  • 4
  • 33
  • 51