Issue with redirect

We have a network of sites that we are planning to move to wpmu. We are using the domain mapping and the multi-domain plugins (probably incorrectly, as there's no setup that we've done). Currently, we have a 'holding site' net.spinemedia.com for the network config, and individual domains (not subdomains, full top-level domains) that are hosted on the wpmu install. Everything normally works fine, but randomly for some people when a site is browsed while being logged in into wpadmin, it enters a redirect loop via net.spinemedia.com/?domainmap_action=domainmap-authorize-user..... kind of a URL. The entire page loads (though we can't see it rendered) and then redirects to / of the site, which agains loads and redirects - in a loop. This seems to happen more for those who have logged in using Google Signon. I have two questions:

1) How can this loop be avoided
2) Can the sso be disabled for anonymous users (the http://net.spinemedia.com/dm-sso-endpoint/.... ) requests keeps going out for all users, whereas our site does not have any login functionality for end-users (only editors need to ever log in). However, given the volume of traffic on our site, this will result in a billion+ extra monthly calls to our backends.

At this time, we don't even know if we are using the plugins correctly or not, because they are just installed and they started working. We've tried this with SSO turned on and off, there's no difference. Any help with that will also be apprecited, we've spent days on this!

While the net.spinemedia.com site is live via DNS, the others sites are still on our staging server and will require host file entries. If you need more details please do let me know. Thanks. Also, could you please copy me (sumit@spinemedia.com) as I'm using a non-shared email and Jarad won't be available for several hours.

Thanks,

Sumit.

  • Adam Czajczyk

    Hello Jarad

    I hope you're well today and thank you for your question!

    I checked your site and actually you're right: you're not using Domain Mapping at all. It's enabled but that's all. You do have domains mapped but only using native WP mapping feature which is much simpler. However, if you do have cross-login enabled it might happen that the plugin will try to actually "cross login" but results would be quite unexpected.

    Please try this (with your "you...mp.com" domain which, as I understand is the only "live" domain, not via "hosts" file):

    - go to "Network Admin -> Sites -> Edit" page
    - in "Settigns" tab make sure that "Siteurl" and "Home" options are not set to that domain but to the original sub-domain (or sub-folder, depending on whether your Multisite is sub-domain or sub-folder based)
    - then go to dashboard of that site
    - in "Tools -> Domain Mapping" map the domain

    Then check if the issue is still happening. Domain Mapping requires domain to be mapped via it to fully work (e.g. for cross-domain autologin - which seems to be responsible for that redirect).

    Let's start with that and see where it gets us. If that doesn't solve the issue, please also try to test that as a user logged in via a regular WP login instead of Google auth.

    Keep me informed, please.

    Kind regards,
    Adam

  • Jarad

    Thanks Adam,

    We took your advice and set up the blogs in exactly the way you descibe. We were able to map them as well this time, and the redirect seems to have reduced drastically (but it doesn't seem to have been totally eliminated. However, what's of a bigger concern are these type of requests:

    net.spinemedia.com/dm-sso-endpoint/1522189277/?dm_action=domainmap-check-login-status&domain=yourbump.com

    These are being sent for regular anonymous users of our sites as well. Regular users don't log in (there's no commenting on our site), and these requests are racking up massive amounts of CPU load on our servers (we get upwards of a billion views a month). Is there any way we can skip these requests to be sent out when someone is not logged in?

    Thanks,

    Sumit.

  • Jarad

    Further to this, we've seen that the redirect issue is still there... earlier it was happening such that the page wouldn't load at all, and would be stuck in a redirect loop, but now the page loads, and then after it's loaded it loads again and so on.... which obviously leads to immense amounts of hits on our servers. Will really appreciate if we can solve this... it can be seen in production on yourbump.com

  • Adam Czajczyk

    Hi Jarad

    Thank you for this additional information!

    I was checking the related chat again and notices two more things in "wp-config.php" file that seems a bit "non-standard".

    1. Around line 31 in "wp-config" you got this:

    /** Absolute path to the WordPress directory. */
    if ( !defined('ABSPATH') )
        define('ABSPATH', dirname(__FILE__) . '/wordpress/');

    The code is repeated at the end of a file with a different path but this one is the one that's working (the second one shouldn't take any effect as when it's called ABSPATH is already defined). So, is this the proper path?

    2. These lines bother me a bit:

    define('WP_SITEURL', 'http://' . $_SERVER[HTTP_HOST] . '/wordpress');
    define('WP_HOME', 'http://' . $_SERVER[HTTP_HOST] );

    First, this code attempts to "dynamically set" the WP_SITEURL and WP_HOME, reading it from HTTP_HOST. What's the purpose of this? Is there any reason for setting it like that?
    These defines shouldn't be use "dynamically" so I assume a sort of "hack" for a reason. Could you shed some light on this?

    Kind regards,
    Adam