Forcing traffic over SSL to WordPress behind AWS Elastic Load Balancer

These days just about every web site uses SSL to encrypt traffic in transit and AWS has made it that much easier with AWS Certificate Manager. I recently built this page on AWS and it took some fiddling to get WordPress to work right.

The issue here is that the ALB is redirecting all incoming traffic to HTTPS(443), which is protected by a cert generated by ACM, and then sends the traffic to the target group configured to listen on port 80, which isn’t. The issue here is that WordPress will throw errors, or load pages strangely, if you don’t tell it that you are using SSL.

The code is fairly straightforward:

define('FORCE_SSL_ADMIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')

Simply edit wp-config.php and put these three lines at the top of the document.

Leave a Comment

Your email address will not be published. Required fields are marked *