How to run WordPress Blog behind Nginx Secure (https) Proxy

When I started this blog, I was asked, what was the most annoying thing I get while setup up a WordPress blog. I can’t really get SSL thing out of my head – yet. It was totally worth it.

When running a WordPress behind a proxy, it will give an error of unable to complete the request.

There are kinds of problem you will see:

  1. WordPress homepage is stuck in an endless loop.
  2. CSS/JS files are not loading.
  3. Transport error.

Solution:

Editing Nginx for WordPress behind Proxy

Add following proxy configuration in your Nginx

proxy_set_header X-Forwarded-Proto https;

Your nginx configuration should look more or less like:

    location / {
        try_files $uri @app;
    }
    location @app {
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8888;
        include .common/proxy.common;
    }

Config for SSL enabled WordPress behind Proxy

There is a possibility that you might need to add the following as well in wp-config.php file in some versions of WordPress.

if($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'){

    $_SERVER['HTTPS'] = 'on';
    $_SERVER['SERVER_PORT'] = 443;
}

Do you have wp-config.php inside Docker?

If your wp-config.php file is under Docker, then you can use docker cp command to copy/copy back file.

#Copy from docker container
docker cp project_wordpress_1:/var/www/html/wp-config.php .

#Copy to docker container
docker cp wp-config.php project_wordpress_1:/var/www/html/wp-config.php

Worth Sharing?

What is the best way to setup latest wordpress blog using docker?

Dream of any developer is to keep things portable and what would be more awesome thank to use Docker for your WordPress post right? I had plenty of hiccups in the setup like permission, portability, port and most annoying of all ssl compatibility.

Assuming that you have already installed docker-compose, you need a compose file as following.


version: '3.2'
services:
  wordpress:
    image: wordpress:5.2.0-php7.3-apache
    restart: always
    volumes:
        - "/etc/passwd:/etc/passwd:ro"
        - "/etc/group:/etc/group:ro"
        - ./wordpress/:/var/www/html/
    ports:
        - 91:80
    environment:
        - WORDPRESS_DB_PASSWORD=pass_is
        - WORDPRESS_TABLE_PREFIX=tb_
        - APACHE_RUN_USER=my_user
        - APACHE_RUN_GROUP=my_group
  mysql:
    image: mysql:5.7
    restart: always
    volumes:
        - type: bind
          source: ./mysql
          target: /var/lib/mysql
    environment:
        - MYSQL_ROOT_PASSWORD=pass_is

Solving the HTTPS – wordpress behind https proxy (ssl)

If you are using nginx behind https, you have to forward proto as https is

proxy_set_header X-Forwarded-Proto https;


server {
    listen 443 ssl;
    server_name yourdomain.com;
    index index.php index.html index.htm;
    ssl_trusted_certificate ./fullchain.pem;
    ssl_certificate ./fullchain.pem;
    ssl_certificate_key ./privkey.pem;
    root /usr/local/nginx/html/;
    location / {
        try_files $uri @app;
    }
    location @app {
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8888;
        include .common/proxy.common;
    }
}

Back up your Blog.

sudo docker exec -it _mysql_1 mysqldump -uroot -ppass_id --all-databases > ./mysql-backup/backup.sql

Restore your Blog.

docker exec -i _mysql_1 mysql -uroot -ppass_id < ./backup.sql

Takeaways:

  1. Embedded passwd and group file.
  2. Setting host user and group for folder permission.
  3. We are mounting wordpress folder so that your files can be added to git as well and you can work on wp-config.php without any issues.
  4. MySQL too will have data folder.
  5. You can easily move setup to different server in matters of mins.

Worth Sharing?