SSL setup should not be provided by plugin (really simple SSL)
We have currently been setting up the SSL in our farms and sites using the Really Simple SSL plugin. However practical, the plugin has limitations and performance issues.
Disabling it may bring problems and break sites, as happened recently with the dysnomia farm (see discussion on #ecobytes-support and #wordpress
When disabling the plugin, it may be needed to change the siteurl and home on the database. Most importantly however, the wp-config.php file must be updated to contain the following:
/** Setup site to use SSL from reverse proxy **/
$server_opts = array("HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"off");
define('FORCE_SSL_CONTENT', true);
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
Even better would be to depart from a custom wp-config.php deployment, into variable replacement provided by the upstream wordpress docker image:
When running WordPress with TLS behind a reverse proxy such as NGINX which is responsible for doing TLS termination, be sure to set X-Forwarded-Proto appropriately (see "Using a Reverse Proxy" in "Administration Over SSL" in upstream's documentation). No additional environment variables or configuration should be necessary (this image automatically adds the noted HTTP_X_FORWARDED_PROTO code to wp-config.php if any of the above-noted environment variables are specified).