Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Symfony port redirection behind reverse proxy

I have a Symfony 3.2 application (running on port 8443) using FosUserBundle. When anonymous users access 'https://[myurl].com:8443', they are redirected to 'https://[myurl].com:8443/login' for the login process. This redirection is working fine when accessing the application but now, we want to use a reverse proxy to forward the requests from customers to the application. Customers would use standard https port 443.

What happens is the following : Users access the application with 'https://myurl.com'.
The request is forwarded by the reverse proxy to the web server (IIS) hosting the application on port 8443.
The user making the request is redirected to 'https://myurl.com:8443/login' which does not work because 8443 is only opened server-side.

I tried different solutions in symfony but was not able to make it work :
-set up the reverse proxy in symfony : Request::setTrustedProxies(array('123.456.78.89'));
-set http_port/https_port in config.yml
-set $_SERVER['SERVER_PORT'] = 443;

Any idea on how can I solve this ?

Thanks

like image 656
Keat Avatar asked Oct 31 '17 15:10

Keat


2 Answers

In addition to @Gor I think you should also configure your proxy to add X-Forwarded headers. In Nginx something like

location / {
    proxy_pass              http://myurl:8443;
    proxy_set_header        Host $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto $scheme;
    proxy_set_header        X-Forwarded-Port $server_port;
  }
like image 67
Carlos Avatar answered Oct 22 '22 04:10

Carlos


Open the following file:

web/app.php

Right after this line:

$request = Request::createFromGlobals();

Insert this block:

// tell Symfony about your reverse proxy
Request::setTrustedProxies(
    // the IP address (or range) of your proxy
    ['192.0.0.1', '10.0.0.0/8'],

    // trust *all* "X-Forwarded-*" headers
    Request::HEADER_X_FORWARDED_ALL

    // or, if your proxy instead uses the "Forwarded" header
    // Request::HEADER_FORWARDED

    // or, if you're using AWS ELB
    // Request::HEADER_X_FORWARDED_AWS_ELB
);

See:

"How to Configure Symfony to Work behind a Load Balancer or a Reverse Proxy" http://symfony.com/doc/3.4/deployment/proxies.html

like image 29
Gor Avatar answered Oct 22 '22 05:10

Gor