The way the load balancer works is that it accepts traffic on both port 80 and 443. It forwards all traffic to the server on port 80 (even traffic secured by HTTPS!) and also includes a custom header “HTTP_X_FORWARDED_PROTO” in the response.
All is working fine BUT:
When in my blesta order form, "Force Secure Connection (HTTPS)" is ticked.
I do have an infinite loop on the order form URL.
In such case with other CMS, we can add in the CMS config file such kind of code: ----------
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';
----------
Purpose is to let know the CMS when it's ever HTTPS and for the CMS will not create an infinite loop.
So I will be interested to know where in Blesta file I can add such kind of things and what should be the good code syntax.
Question
serge
The way the load balancer works is that it accepts traffic on both port 80 and 443. It forwards all traffic to the server on port 80 (even traffic secured by HTTPS!) and also includes a custom header “HTTP_X_FORWARDED_PROTO” in the response.
All is working fine BUT:
When in my blesta order form, "Force Secure Connection (HTTPS)" is ticked.
I do have an infinite loop on the order form URL.
In such case with other CMS, we can add in the CMS config file such kind of code:
----------
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS']='on';
----------
Purpose is to let know the CMS when it's ever HTTPS and for the CMS will not create an infinite loop.
So I will be interested to know where in Blesta file I can add such kind of things and what should be the good code syntax.
Here a similar case with other CMS:
WP: https://trick77.com/2012/12/01/prevent-ssl-redirect-loop-using-wordpress-and-haproxy/
XCART: http://www.corporatezen.com/2013/04/x-cart-behind-load-balancer-ssl-termination/
1 answer to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.