Fix for Apache httpd Update Causing WordPress Redirect Loop

The recent CentOS 6 Apache httpd 2.2 server update changes the envariable HTTP_HOST from ‘domain’ to ‘domain:port’, causing cookie domain match and redirect issues with web apps, especially in a reverse proxy setup.

/var/log/yum.log:
Sep 23 23:55:25 Updated: httpd-2.2.15-60.el6.centos.5.x86_64

The fix for WordPress in my setup with a httpd front-end and a httpd_php backend (reverse proxy) is:

wp-includes/canonical.php:

-      if ( ! $requested_url && isset( $_SERVER['HTTP_HOST'] ) ) {
+      if ( ! $requested_url && isset( $_SERVER['SERVER_NAME'] ) ) {
               // build the URL in the address bar
               $requested_url  = is_ssl() ? 'https://' : 'http://';
-              $requested_url .= $_SERVER['HTTP_HOST'];
+              $requested_url .= $_SERVER['SERVER_NAME'];
               $requested_url .= $_SERVER['REQUEST_URI'];
       }

To fix similar redirect problems in other Open Source web products, just:

  1. backup your files
  2. add a print statement for the domain/cookie handling variables to a file and inspect what is happening
  3. either use SERVER_NAME instead of HTTP_HOST, or use a regex to clean the HTTP_HOST value like s/(:\d+)$//;
This entry was posted in Business, Open Source, Tech. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.