I face the same problem, and to avoid that, I wrote a small plugin to override a function and redirect to https or http. Basically, it will check:
- if the page need to use https and is using http: redirect to https
- if the page need to use http and is using https: redirect to http
- otherwise, continue
Note: You must enable both http and https for your website.
function qa_get_request_content()
{
// echo "Test call";
$forced_https_pages = array('login', 'register', 'user', 'admin');
$is_forced_https = in_array(qa_request_part(0), $forced_https_pages) ? true : false;
if ($is_forced_https && !qa_is_https_probably()) {
header('Location: ' . "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]");
die();
} else if (!$is_forced_https && qa_is_https_probably()) {
header('Location: ' . "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]");
die();
} else {
return qa_get_request_content_base();
}
}
There are 2 problems:
- If user login by the login form (http page) then it will redirect to Login page (https page) instead of login immidiately.
- I'm not sure qa_get_request_content is the right function to redirect.