Showing results for 
Search instead for 
Did you mean: 

SSL decrypt with mixed content

Occasional Contributor

SSL decrypt with mixed content

I thought I had this one solved but it appears not.


I found some older posts on the forum from @owen that talk about how to do SSL descryption.


For simple sites it works fine:


Setup :

Response Rule :


I have a test wordpress site setup for testing (vTM SSL Decrypt with and apache backend)


I get mixed content errors and broken links (CSS won't load, etc)


If I generalized the Response Rule to just handle http:// -> https:// it does work (CSS works, images load) but it impacts EVERYTHING that is HTTP. Example, any content posted on the site as a link is rewritten as https even if the site is not.


I've tried more specific rules to limit what is transformed from http -> https but as customer work with a site and add content, plugins etc, the rule will constantly need to be updated to catch all.


I've searched the forum for anything that might point me in the right direction and I'm currently at a lost.







Re: SSL decrypt with mixed content

Hello, without seeing the detail of the HTML before/after, it is hard to tell which part of your HTTP rewriting rule is not working. I saw an earlier message from JLuksch which suggested to narrow the search to a specific string (rather than just Content Type "text/html") but I guess you tried that?


Can you provide details of the specific rules you have tried, and the before/after output?


If you prefer, send via PM.



Occasional Contributor

Re: SSL decrypt with mixed content



Wordpress can be configured to detect SSL offload by checking for the prescense of a HTTP header. If you use this approach, then wordpress should generate pages which use the appropriate protocol automatically. This will avoid you needing to rewrite the page body. The standard header to use for this is X-forwarded-proto, which can be injected by setting add_x_forwarded_proto == "yes" under vserver -> Protocol Settings (vTM 11.0) or vserver -> Connection Management (vTM <= 10.4). The wordpress support site details the wordpress changes required here:


Alternatively. If you want to do the response rewriting, then you could create a hash of the local hostnames that need to be rewritten and check for "http://<name>", so that you ignore links to non-local content. Or you could use a regex to ensure you only rewrite links to page furniture. but then hyperlinks ("<a href") would remain unchanged. a combination of the two might work:



$body = string.regexsub($body, "(<link[^>]*?href=\"http)://", "$1s://","g");
$body = string.regexsub($body, "(<(script|img)[^>]*?src=\"http)://", "$1s://","g");
$body = string.regexsub($body, "(<a [^>]*? href=\"http)(://\","$1s$2", "g");








Occasional Contributor

Re: SSL decrypt with mixed content



The wordpress support article along with the add_x_forward_proto worked like a charm.


Thank you for all your help!



Occasional Visitor

Re: SSL decrypt with mixed content

Thanks for sharing this guide, I am using Cloudways WordPress hosting and installing WordPress SSL is very easy through their platform.