microthemer on https – empty iframe

Tagged: 

Author Posts

diedetap March 9, 2016 at 5:27 pm

Heads up! this post was created when Microthemer was at version 4. The current version is 7. Some references to the interface may be out of date.

Hi,

I currently have a bit of an unusual setup, which results in that all the admin pages of my WP multisite are forced HTTPS, but front-end pages are only accessible via HTTP. All admin pages are on the original domain with a subdirectory setup and front-end sites are mapped with a domain mapping plugin.

The problem is that the Microthemer UI/admin page is on HTTPS, while the iframe of the front end is not. This causes a mixed content error and the iframe stays empty. Is there a way to force the Microthemer page to be HTTP instead of HTTPS?

Thanks a lot!

Sebastian March 10, 2016 at 9:43 am

Hmm, this is a tricky one. I suspect the fix will need to be implemented at the SSL plugin/.htaccess file side of things. How are you currently forcing https on the admin area?

One option would be adding an http exception for the Microthemer UI page as you say, but a potentially better one would be forcing https on the frontend too – temporarily perhaps while you work in Microthemer.

Cheers,
Sebastian

diedetap March 10, 2016 at 11:03 am

I’m currently using define(‘FORCE_SSL_ADMIN’, true); in the wp-config.php to force SSL in the admin menu. I’ve already looked into adding SSL to the front end but a single multi-domain SSL certificate can get very expensive and has some limitations.


Sebastian March 10, 2016 at 12:23 pm

My knowledge of multisite domain mapping is less than yours. Am I right in thinking that if you log into the site you want to edit as a regular admin rather than super admin, the WP dashboard will be http and you can work with Microthemer from there?

If not, the only solution I can think of would be to temporarily turn off SSL in your admin area while you edit using Microthemer:

define( ‘FORCE_SSL_ADMIN’, false );

(perhaps on a local copy of your network if you have that, you can always export your MT settings as a zip file that can be imported on the live site)

Cheers,
Sebastian

diedetap March 10, 2016 at 1:58 pm

I believe define(‘FORCE_SSL_ADMIN’, true); is applicable on both super admin and regular admin. I’ll try getting SSL disabled and see if that helps. Thanks!

You must login or register to reply to this topic.