Title: wp_fix_server_vars Published: April 25, 2014 Last modified: May 20, 2026 --- # wp_fix_server_vars() ## In this article * [Source](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#source) * [Related](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#related) * [Changelog](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#changelog) [ Back to top](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#wp--skip-link--target) This function’s access is marked private. This means it is not intended for use by plugin or theme developers, only by core. It is listed here for completeness. Fixes `$_SERVER` variables for various setups. ## 󠀁[Source](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#source)󠁿 ```php function wp_fix_server_vars() { global $PHP_SELF; $default_server_values = array( 'SERVER_SOFTWARE' => '', 'REQUEST_URI' => '', ); $_SERVER = array_merge( $default_server_values, $_SERVER ); // Fix for IIS when running with PHP ISAPI. if ( empty( $_SERVER['REQUEST_URI'] ) || ( 'cgi-fcgi' !== PHP_SAPI && preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) ) { if ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) { // IIS Mod-Rewrite. $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_ORIGINAL_URL']; } elseif ( isset( $_SERVER['HTTP_X_REWRITE_URL'] ) ) { // IIS Isapi_Rewrite. $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL']; } else { // Use ORIG_PATH_INFO if there is no PATH_INFO. if ( ! isset( $_SERVER['PATH_INFO'] ) && isset( $_SERVER['ORIG_PATH_INFO'] ) ) { $_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO']; } // Some IIS + PHP configurations put the script-name in the path-info (no need to append it twice). if ( isset( $_SERVER['PATH_INFO'] ) ) { if ( $_SERVER['PATH_INFO'] === $_SERVER['SCRIPT_NAME'] ) { $_SERVER['REQUEST_URI'] = $_SERVER['PATH_INFO']; } else { $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO']; } } // Append the query string if it exists and isn't null. if ( ! empty( $_SERVER['QUERY_STRING'] ) ) { $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING']; } } } // Fix for PHP as CGI hosts that set SCRIPT_FILENAME to something ending in php.cgi for all requests. if ( isset( $_SERVER['SCRIPT_FILENAME'] ) && str_ends_with( $_SERVER['SCRIPT_FILENAME'], 'php.cgi' ) ) { $_SERVER['SCRIPT_FILENAME'] = $_SERVER['PATH_TRANSLATED']; } // Fix for Dreamhost and other PHP as CGI hosts. if ( isset( $_SERVER['SCRIPT_NAME'] ) && str_contains( $_SERVER['SCRIPT_NAME'], 'php.cgi' ) ) { unset( $_SERVER['PATH_INFO'] ); } // Fix empty PHP_SELF. $PHP_SELF = $_SERVER['PHP_SELF']; if ( empty( $PHP_SELF ) ) { $_SERVER['PHP_SELF'] = preg_replace( '/(\?.*)?$/', '', $_SERVER['REQUEST_URI'] ); $PHP_SELF = $_SERVER['PHP_SELF']; } wp_populate_basic_auth_from_authorization_header(); } ``` [View all references](https://developer.wordpress.org/reference/files/wp-includes/load.php/) [View on Trac](https://core.trac.wordpress.org/browser/tags/7.0/src/wp-includes/load.php#L34) [View on GitHub](https://github.com/WordPress/wordpress-develop/blob/7.0/src/wp-includes/load.php#L34-L95) ## 󠀁[Related](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#related)󠁿 | Uses | Description | | [wp_populate_basic_auth_from_authorization_header()](https://developer.wordpress.org/reference/functions/wp_populate_basic_auth_from_authorization_header/)`wp-includes/load.php` | Populates the Basic Auth server details from the Authorization header. | ## 󠀁[Changelog](https://developer.wordpress.org/reference/functions/wp_fix_server_vars/?output_format=md#changelog)󠁿 | Version | Description | | [3.0.0](https://developer.wordpress.org/reference/since/3.0.0/) | Introduced. | ## User Contributed Notes You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_fix_server_vars%2F) before being able to contribute a note or feedback.