Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Determine if visitor connected over SSL on CloudFlare Pro [closed]

Tags:

php

cloudflare

We have a site running on CloudFlare Pro that uses their supplied certificate for one-click encryption. Our site has "optional" SSL for users. As it's a forum, we currently run a proxy script that detects if a posted image is not using a HTTPS protocol and automatically proxies the image through a script running on our server to maintain security and our lovely green lock!

My only issue now is that this introduces unnecessary load on our servers when users aren't using HTTPS so we would like to be able to detect if they are or are not. However, as the CloudFlare server is actually connecting to ours no matter what over HTTP (because we are using one-click SSL on CloudFlare) our PHP script always reports HTTP and never proxies the images even when the user is using HTTPS. Is there a way to get CloudFlare to report the user is using SSL?

like image 571
jduncanator Avatar asked Apr 06 '13 01:04

jduncanator


1 Answers

Found my answer, they send a header X-FORWARDED-PROTO. It's https for SSL and http for normal!

like image 71
jduncanator Avatar answered Oct 03 '22 04:10

jduncanator