No SSL on certain conditions

  • Resolved mwthink

    (@mwthink)


    10 years, 6 months ago

    Hi everyone,
    I’m dabbling around with iThemes Security and got forced SSL setup for my whole site on my regular domain, yay.

    Now, I want to disable SSL under certain conditions, particularly if the domain is different than my regular domain. I’m running a Tor hidden service as an alternate route to connect to my server and obviously my SSL cert doesn’t cover my .onion domain, causing errors.

    Does anyone know a quick way I can disable SSL if the domain is *.onion?
    Doesn’t have to be via a menu, totally fine with editing code.

    https://wordpress.org/plugins/better-wp-security/

Viewing 1 replies (of 1 total)
  • Thread Starter mwthink

    (@mwthink)

    10 years, 6 months ago

    Got it working to my expectations with just a couple lines of code.

    In wp-config.php

    if(WP_SITEURL != "http://mwthink766tanbo6.onion"){ // Disable SSL on our hidden service
        define('FORCE_SSL_ADMIN', true);
        define('FORCE_SSL_LOGIN', true);
}

    In /wp-content/plugins/better-wp-security/core/modules/ssl/class-itsec-ssl.php we add

    || (WP_SITEURL == "http://mwthink766tanbo6.onion")

    to the end of if statement here

    if ( isset( $hide_options['enabled'] ) && ( $hide_options['enabled'] === true ) && ( $_SERVER['REQUEST_URI'] == ITSEC_Lib::get_home_root() . $hide_options['slug'] ) ) {

    Works great. Does anyone know if this project is open source (Doesn’t seem like it is)? If it is, I plan to integrate this into the plugin menu and make it a toggleable option.

    Let me know devs.

Viewing 1 replies (of 1 total)

The topic ‘No SSL on certain conditions’ is closed to new replies.

Tags