If I edit the wp-config.php I am supposed to add:
define('FORCE_SSL_ADMIN', true);define('FORCE_SSL_LOGIN', true);However, my website has .htaccess rules to force https and www across the entire website:
Options +FollowSymlinksRewriteEngine OnRewriteCond %{SERVER_PORT} 80 [OR]RewriteCond %{HTTP_HOST} ^website.comRewriteRule ^(.*)$ https://www.website.com/$1 [L,R=301]I know there are other rewriterules available, but again not sure which one is correct.
Which of the following 3 should I be using in wp-config.php
- Without isset(), with curly brackets, with server_port
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') { $_SERVER['HTTPS'] = 'on'; $_SERVER['SERVER_PORT'] = 443;} - Without curly brackets & without server_port?
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS'] = 'on'; - Are curly brackets needed/better or "more correct" & is server_port required?
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') { $_SERVER['HTTPS'] = 'on'; $_SERVER['SERVER_PORT'] = 443;}
I've found a few other slightly different variations of this all over the internet regarding wordpress SSL but I can't figure out what one is the correct/main one.