Detecting https requests in php

Question

The problem that I am having has to do with the need to keep some urls of a website protected by https and the rest kicked to http.

Normally, you have $_SERVER['HTTP_HTTPS'] or $_SERVER['HTTPS'] (depending on your flavor of Apache). You also can check the port - it's 80 for normal traffic and 443 for https.

My problem is that the certificate sits on the loadbalancer, and all these variables are unavailable, and the webserver sees http://www.foo.com on port 80. One way to fix this is to tell the loadbalancer to sent the traffic on a different port, but I wonder if there are other ways to detect https coming from the load balancer...

Answer 1

If the load balancer is the other end of the SSL connection, you cannot get any more info than the load balancer explicitly provides. I would go for adding a http header, it may already be doing that, dump all the HTTP headers and look.

As another solution, you can do the redirection on the load balancer based on URL.