One of my clients runs a WordPress blog on a Plesk powered web server. My client requires that their WordPress admin only be accessible via SSL. Given Plesk’s default behavior of storing non-secure files in /httpdocs/ and secure files in /httpsdocs/, this presented a configuration challenge.
Initially, I simply copied the files from /httpdocs/ to /httpsdocs/. This allowed my client to access both the public and admin areas of WordPress via SSL. However, we ran into problems when we tried uploading files and inserting them into posts.
Under SSL, WordPress would upload the files to /httpsdocs/wp-content/uploads/; however, the WordPress WYSIWYG editor would link to the files via a non-secure hyperlink. This would result in a broken link since the files weren’t being stored in the non-secure upload folder.
My first idea for fixing this problem was to add some mod_rewrite rules to /httpdocs/.htaccess. I planned to add some rules which would redirect all non-secure links to /wp-content/uploads/ to secure links. However, after a bit of searching, I found that there is a simple configuration checkbox in Plesk that is designed to handle scenarios such as this.
Under the setup page for a Plesk domain, there is a checkbox that reads “Use a single directory for housing SSL and non-SSL content.” Checking that box and saving my settings was a quick and easy solution to this problem.