Title: suggestion for better https support
Last modified: August 20, 2016

---

# suggestion for better https support

 *  [_ck_](https://wordpress.org/support/users/_ck_/)
 * (@_ck_)
 * [13 years, 2 months ago](https://wordpress.org/support/topic/suggestion-for-better-https-support/)
 * Not all servers set HTTPS like you are trying to detect in 1.2 (and earlier) 
   of super cache.
 * ie. this is not good enough
 *     ```
       if ( isset( $_SERVER[ 'HTTPS' ] ) )
       $protocol = ( 'on' == strtolower( $_SERVER[ 'HTTPS' ] ) ) ? 'https://' : 'http://';
       else
       $protocol = 'http://';
       ```
   
 * this is more bullet-proof
 *     ```
       if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS']!== 'off')
       || (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT']==443)) {
       $protocol = 'https://';
       } else {
       $protocol = 'http://';
       }
       ```
   
 * to explain, some setups use port 443 without enabling the HTTPS environment and
   some actually set HTTPS to ‘1’ and not ‘on’
 * [http://wordpress.org/extend/plugins/wp-super-cache/](http://wordpress.org/extend/plugins/wp-super-cache/)

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Thread Starter [_ck_](https://wordpress.org/support/users/_ck_/)
 * (@_ck_)
 * [13 years, 2 months ago](https://wordpress.org/support/topic/suggestion-for-better-https-support/#post-3567290)
 * Actually now that I think about it, the whole approach is bad.
 * Because a cached page for https and a cached page for http will have completely
   different links on the page.
 * If you use the same http cached page for https, non-relative links will be broken
   and take the user out of https when they follow (and visa versa)
 * You need to store (https) cached pages with the protocol appended and adjust 
   htaccess as well for that situation.
 *  Thread Starter [_ck_](https://wordpress.org/support/users/_ck_/)
 * (@_ck_)
 * [13 years, 2 months ago](https://wordpress.org/support/topic/suggestion-for-better-https-support/#post-3567488)
 * Okay I see where index-https was added in 1.2
 * Doesn’t really address the original problem of true https detection but I guess
   nginx users can work around the environment problem.
 * Is there a better solution than this for nginx
 * inside `http {`
 *     ```
       map $scheme $index {
           default  index;
           https    index-https;
       }
       ```
   
 * then later in your `location {`
 *     ```
       try_files /wp-content/cache/supercache/$host/$uri/$index.html
       ```
   
 * Note the $ on index to make it a string set by the map early on
 * That’s be best I can come up with because you should not use if statements in
   nginx when possible to avoid it.
 *  Thread Starter [_ck_](https://wordpress.org/support/users/_ck_/)
 * (@_ck_)
 * [13 years, 2 months ago](https://wordpress.org/support/topic/suggestion-for-better-https-support/#post-3567527)
 * A word of warning to those with proxies ahead of apache like nginx.
 * This will NOT work if you artificially set the HTTPS flag
 *     ```
       RewriteCond %{HTTPS} on
       ```
   
 * Because apache hasn’t determined it on it’s own, the HTTPS flag is NOT equal 
   to the environmental HTTPS variable, even though PHP after apache will see them
   as equal.
 * What you have to do instead is this
 *     ```
       RewriteCond %{ENV:HTTPS} on
       ```
   
 * This is not the fault of wp-super-cache, just something to be aware of to save
   you time.
    If you do it incorrectly, you will see Apache serving the index.html
   file to https connections instead of index-https.html
 * I do suggest that super-cache put the HTTPS rewrite rule first in it’s .htacess
   blocks though, kind of a waste to process all those other rules for each page
   load.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘suggestion for better https support’ is closed to new replies.

 * ![](https://ps.w.org/wp-super-cache/assets/icon-256x256.png?rev=3506220)
 * [WP Super Cache](https://wordpress.org/plugins/wp-super-cache/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-super-cache/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-super-cache/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-super-cache/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-super-cache/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-super-cache/reviews/)

## Tags

 * [HTTPS](https://wordpress.org/support/topic-tag/https/)
 * [SSL](https://wordpress.org/support/topic-tag/ssl/)

 * 3 replies
 * 1 participant
 * Last reply from: [_ck_](https://wordpress.org/support/users/_ck_/)
 * Last activity: [13 years, 2 months ago](https://wordpress.org/support/topic/suggestion-for-better-https-support/#post-3567527)
 * Status: not a support question