Tiki Wiki has support for hosting behing a reverse proxy/load balancer which handles HTTPS. However, I had a heck of a time getting this running. I wasn’t able to find the documentation on their website explaining the setup required, but it is documented in lib/setup/absolute_urls.php.
Adding a row to your tiki_preferences table will do the trick.
INSERT INTO tiki_preferences (name, value)
VALUES (‘feature_port_rewriting’, ‘y’)
I also set the ‘https_login’ to ‘required’ and left the ‘https_port’ empty. The absolute_urls.php script will set the https_port var to 443 when this field is empty.A quick, simple fix to force HTTPS logins on your Tiki Wiki install, when you’re running behind a reverse proxy or load balancer which handles HTTPS for you.
When running WordPress behind a load balancer or reverse proxy, you may find that you’re getting lots of insecure content warnings in your browser. This may cause the page to load improperly, as all the content is not being delievered.
Most reverse proxies and load balances will add an additional header to the request, allowing the server to identify the clients’ real IP address. One common name for this header is ‘X-FORWARDED-FOR’. The reverse proxy/load balancer may also add the ‘X-FORWARDED-PROTO’ header. I’ll assume this is the senario moving forward. If you’re not sure what your headers are named, or if they’re present at all, contact your reverse proxy/load balance provider or administrator.
There are several solutions to fix this. A simple plugin can apply the fix – SSL Insecure Content Fixer.
However, if you want to apply the fix yourself, it’s quite simple. After installation, add the following lines to your wp-config.php file:
/** Custom SSL Handlers **/
if (isset($_SERVER[‘HTTP_X_FORWARDED_PROTO’]) && $_SERVER[‘HTTP_X_FORWARDED_PROTO’] == ‘https’)
$_SERVER[‘HTTPS’] = ‘on’;
$_SERVER[‘REMOTE_ADDR’] = $_SERVER[‘HTTP_X_FORWARDED_FOR’];
Save, and that’s it!