I have a load balanced dev site that I'm working out bugs for SSL on and I have run into one last very annoying issue. On some pages I need to force it to SSL so easy enough, I just wanted to create a

header ("Location: https://www.example.com/mypage.php");

I thought that was easy enough and no worries. However, every time I do this it transforms it back to http. Well as you can figure it creates an endless loop that can't be resolved. I can't figure out how to keep that https in there so that it will pull the secure version of the page. If I navigate directly to the secure page with https it works just fine. The only issue is on this redirect.

Any help would be awesome! I'm using POUND as a load balance proxy. Apache on the web-server nodes. The SSL cert is set up at the Load Balancer.

A: 

Redirecting to https pages is no problem. You can check for the port, scheme or server variable (probably server variable is the best) to see if https is on, and have it as a condition for redirecting

$_SERVER['SERVER_PORT'] == 443 
parse_url($_SERVER['REQUEST_URI'],PHP_URL_SCHEME) == 'https'
$_SERVER['HTTPS'] == 'on'

But as you have an infinite loop there must be something else wrong!

Joe Hopfgartner
Yeah, I got all that part down just fine. I detect it's not secure but it just keeps redirecting it to http no matter what I put in the redirect call. So I'm stumped. Could it be a misconfiguration in Apache I don't know about? Not sure what I would even be looking for there if it was.
Chad
+2  A: 

When loadbalancing, 'internal' SSL usually goes out the door: Clients connect through a load-balancer with which you can do SSL encryption, but behind that in most loadbalancers I've seen is plain 'HTTP'. Try to get your loadbalancer to set a custom header to you indicating that there is an HTTPS connection between loadbalancer & client.

From http://www.apsis.ch/pound/index_html

WHAT POUND IS: ... an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers.

And from more manual pages:

HTTP Listener RewriteLocation 0|1|2
If 1 force Pound to change the Location: and Content-location: headers in responses. If they point to the back-end itself or to the listener (but with the wrong protocol) the response will be changed to show the virtual host in the request. Default: 1 (active). If the value is set to 2 only the back-end address is compared; this is useful for redirecting a request to an HTTPS listener on the same server as the HTTP listener.

Wrikken
This raises an interesting question then with a load balancer setup like this. When the page makes a redirect in code, will the local Apache instance try to talk to itself and do the redirect without ever sending it back to the load balancer? If that is the case, that is why it is transforming the https to http on me. None of the nodes have SSL set up on them so it doesn't know it can do it. If this is the case, what would be a workaround for this?
Chad
Found an extra reference in the manual, added it to the answer.
Wrikken
That did it. Changed RewriteLocation 2 and that solved all those issues. Wow, wish I had seen that at 8 this morning. Thanks for the help Wrikken!
Chad
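The custom-header approach suggested in the answer above, as an added example that is not part of the original thread: because Pound hands the back-end plain HTTP, the node decides "was this HTTPS?" from a header the balancer adds, and trusts it only when the request really comes from the balancer. The proxy address 10.0.0.5, the header name X-Forwarded-Proto, the function names and the Pound directives named in the comments are assumptions for illustration.

```php
<?php
// Assumed Pound setup (check your version's manual): the HTTPS listener uses
//   AddHeader "X-Forwarded-Proto: https"   and   RewriteLocation 2
// and both listeners strip any client-sent copy with HeadRemove.

// Hypothetical address of the Pound box as Apache sees it.
const TRUSTED_PROXIES = ['10.0.0.5'];

function client_used_https(array $server): bool
{
    // Direct TLS to this node (not the case behind Pound; kept for generality).
    if (!empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off') {
        return true;
    }
    // The back-end hop is plain HTTP, so rely on the header the proxy adds,
    // but only if the TCP peer is the proxy: any client can send this header.
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (!in_array($peer, TRUSTED_PROXIES, true)) {
        return false;
    }
    return strtolower($server['HTTP_X_FORWARDED_PROTO'] ?? '') === 'https';
}

function https_redirect_target(array $server, string $canonicalHost): ?string
{
    if (client_used_https($server)) {
        return null; // already secure: no redirect, so no loop
    }
    // Fixed host rather than the client-supplied Host header.
    return 'https://' . $canonicalHost . ($server['REQUEST_URI'] ?? '/');
}

// Constructed sample requests, as the Apache node would see them.
$samples = [
    'https via proxy' => ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_PROTO' => 'https', 'REQUEST_URI' => '/mypage.php'],
    'http via proxy'  => ['REMOTE_ADDR' => '10.0.0.5', 'REQUEST_URI' => '/mypage.php'],
    'spoofed header'  => ['REMOTE_ADDR' => '203.0.113.9', 'HTTP_X_FORWARDED_PROTO' => 'https', 'REQUEST_URI' => '/mypage.php'],
];
foreach ($samples as $label => $req) {
    echo $label, ': ', https_redirect_target($req, 'www.example.com') ?? 'serve page', PHP_EOL;
}

// In a real page:
//   if ($t = https_redirect_target($_SERVER, 'www.example.com')) { header("Location: $t", true, 302); exit; }
```

Only the first sample is served without a redirect; the spoofed request is still sent to HTTPS because its peer address is not the balancer.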
A: 

Try using the load balancer "balance" instead. It only takes about 5 minutes to set up, and instead of proxying, will do "real" load balancing. I would guess your proxy is currently redirecting https requests to the http address. Try making a request without using the balancer. You can do this by setting up the host name in your /etc/hosts file to point directly to a server instead of to the load balancer's IP

Zak