(This is a followup to what I posted on a8c’s sysreq last Thursday, which @762e5e74 was working on. That request should have gone here in the first place, because it’s related to WordCamp.org, so I’m moving the discussion here.)
To summarize the issue, URLs like https://2013.sf.wordcamp.org/tickets are being redirected to http://central.wordcamp.org/tickets, when they should instead be redirected to http://2013.sf.wordcamp.org/tickets. (I think this is because they get caught by the catch-all redirect, even though they’re valid pages.)
r4811-deploy added a new rule that redirected all HTTPS traffic to HTTP, but that conflicted with a PHP redirect back to HTTPS, and created a loop.
We’ve removed the PHP redirect for the time being, since the SSL cert doesn’t work on 4th-level domains. We should be able to re-apply r4811-deploy at this point, but I’d like to make a minor modification to it, so that it’s future-proof for when we do support HTTPS on the 4th-level domains (via 3rd-level aliases and domain mapping, or a wildcard with *.*.wordcamp.org SANs, or some other solution).
The modification would be to ignore HTTPS requests to wp-admin URLs. So, the logic would be:
if URL doesn't contain wp-admin
redirect to http version of the URL
That way a request to https://2013.sf.wordcamp.org/wp-admin (or any subpages under wp-admin) would not be redirected, but a request to https://2013.sf.wordcamp.org/tickets will be redirected.
One other thing to keep in mind is that attempts to login to the year.city sites (e.g., http://2013.sf.wordcamp.org/wp-login.php) redirect to http://wordcamp.org/wp-login.php (so they can use the valid SSL), though, and we don’t want that to be affected by any new rules. I don’t think it will be, but thought I’d mention it just in case.