Ok, I tracked this down to WP Easy SSL and its Cloudflare mode. This was actually quite difficult to track down because the way it alters content to make URL/s secure was also altering my debugging code I was outputting on the screen… I’m not saying that’s bad it was not showing me on screen what was actually happening in the code :/
I am not going to delve too deep in the technical details but here is what is happening.
With Cloudflare mode active a core WP function
is_ssl() will return
false when it should be returning
true. This is known issue in WP that core WP does not want to fix and that the fix should be up to plugins such as WP Easy SSL which implement feature like Cloudflare support.
is_ssl() is a core WP function many, many, plugins rely on it being truthful including Connections.
To fix this issue I installed the CloudFlare Flexible SSL plugin. It is a no frills single purpose plugin that does only one thing. It sets the global server variable for SSL to on based on Cloudflare headers so
is_ssl() will return the correct result.
The better fix… if you can report this issue to the WP Easy SSL support team, they could integrate the few lines of code CloudFlare Flexible SSL into their plugin so
is_ssl() will be truthful when their Cloudflare mode option is enabled.
Hope this helps!