Keywords: WordPress - AWS - Technical issue - Domain Name (DNS)
bnsupport ID: 0109749a-ef46-ae6f-f9e1-04cff46fd8b2
Description:
I launched the WordPress AMI by Bitnami via the AWS Marketplace. I got everything working correctly using the IP address as the 'A' record set in the Route 53 hosted zone.
I created a new CloudFront distribution with the EC2 Public DNS ( ‘ec2-35-162-xx-xxx.us-west-2.compute.amazonaws.com’) as the origin and entered my domain names ’mydomain.com’ and "www.mydomain.com" as Alternate Domain Names (CNAMEs).
In CloudFront behaviors:
Viewer Protocol Policy: Redirect HTTP to HTTPS
Allowed HTTP Methods: GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
Cache Based on Selected Request Headers: Whitelist
Whitelist Headers: Host
Forward Cookies: Whitelist
wordpress_logged_in_*
wordpress_test_cookie
wp-settings-*
Query String Forwarding and Caching: Forward all, cache based on all
I changed the Route 53 ‘A’ record set and and 'AAAA' record set to the CloudFront URL as the alias target (abcdefxxxxxx.cloudfront.net).
Everything seems to be working except when I try to log in, after I enter the user name and password and click "Log in" it redirects me to:
/wp-login.php?redirect_to=https%3A%2F%2Fwww.mydomain.com%2Fwp-admin%2F&reauth=1
with the password field empty.
If I fill in the password and click "Log in" again, it just redirects to the same URL again.
tried clearing browser cache/history etc.
tried removing session_token content from wp_usermeta using phpmyadmin
tried invalidating the CloudFront distribution
There seems to be nothing related to the problem in /opt/bitnami/apache2/logs/error_log
There is some info in the access log,
/opt/bitnami/apache2/logs/access_log:
70.132.31.147 - - [30/Nov/2019:23:47:29 +0000] "GET /wp-login.php HTTP/1.1" 200 2894
70.132.31.141 - - [30/Nov/2019:23:47:34 +0000] "POST /wp-login.php HTTP/1.1" 302 -
35.167.191.165 - - [30/Nov/2019:23:47:34 +0000] "GET /wp-admin/ HTTP/1.1" 302 -
35.162.63.255 - - [30/Nov/2019:23:47:34 +0000] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.mydomain.com%2Fwp-admin%2F&reauth=1 HTTP/1.1" 200 2900
(Note that the final IP is not the IP of the Bitnami WordPress EC2 instance, although the first two numbers are the same.)
wp-config.php, with ## substituted for sensitive information:
<?php
/**
* The base configuration for WordPress
*
* The wp-config.php creation script uses this file during the
* installation. You don't have to use the web site, you can
* copy this file to "wp-config.php" and fill in the values.
*
* This file contains the following configurations:
*
* * MySQL settings
* * Secret keys
* * Database table prefix
* * ABSPATH
*
* @link https://codex.wordpress.org/Editing_wp-config.php
*
* @package WordPress
*/
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'bitnami_wordpress' );
/** MySQL database username */
define( 'DB_USER', 'bn_wordpress' );
/** MySQL database password */
define( 'DB_PASSWORD', '##' );
/** MySQL hostname */
define( 'DB_HOST', 'localhost:3306' );
/** Database Charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The Database Collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', '##');
define('SECURE_AUTH_KEY', '##');
define('LOGGED_IN_KEY', '##');
define('NONCE_KEY', '##');
define('AUTH_SALT', '##');
define('SECURE_AUTH_SALT', '##');
define('LOGGED_IN_SALT', '##');
define('NONCE_SALT', '##');
/**#@-*/
/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please!
*/
$table_prefix = 'wp_';
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*
* For information on other constants that can be used for debugging,
* visit the Codex.
*
* @link https://codex.wordpress.org/Debugging_in_WordPress
*/
define( 'WP_DEBUG', false );
/* That's all, stop editing! Happy publishing. */
define('FS_METHOD', 'direct');
/**
* The WP_SITEURL and WP_HOME options are configured to access from any hostname or IP address.
* If you want to access only from an specific domain, you can modify them. For example:
* define('WP_HOME','http://example.com');
* define('WP_SITEURL','http://example.com');
*
*/
if ( defined( 'WP_CLI' ) ) {
$SERVER['HTTPHOST'] = 'localhost';
}
define('WP_SITEURL', 'https://www.mydomain.com');
define('WP_HOME', 'https://www.mydomain.com');
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', dirname( FILE ) . '/' );
}
/** Sets up WordPress vars and included files. */
require_once( ABSPATH . 'wp-settings.php' );
define('WP_TEMP_DIR', '/opt/bitnami/apps/wordpress/tmp');
// Disable pingback.ping xmlrpc method to prevent Wordpress from participating in DDoS attacks
// More info at: https://docs.bitnami.com/general/apps/wordpress/troubleshooting/xmlrpc-and-pingback/
if ( !defined( 'WP_CLI' ) ) {
// remove x-pingback HTTP header
add_filter('wp_headers', function($headers) {
unset($headers['X-Pingback']);
return $headers;
});
// disable pingbacks
add_filter( 'xmlrpc_methods', function( $methods ) {
unset( $methods['pingback.ping'] );
return $methods;
});
add_filter( 'auto_update_translation', '_returnfalse' );
}