Menu
I have a reverse proxy that does HTTPS on the outside, but HTTP on the inside.
This means that by default in-app URLs will have HTTP as the scheme, as this is the way it's being contacted.
How can the proxy tell the backend that HTTPS should be used?
855
The proxy can add extra (or overwrite) headers to requests it receives and passes through to the back-end. These can be used to communicate information to the back-end.
So far I've seen a couple used for forcing the use of https in URL scheme:
X-Forwarded-Protocol: https X-Forwarded-Ssl: on X-Url-Scheme: https And wikipedia also mentions:
# a de facto standard: X-Forwarded-Proto: https # Non-standard header used by Microsoft applications and load-balancers: Front-End-Https: on This what you should add to the VirtualHost on apache: other proxies should have similar functionality
RequestHeader set X-FORWARDED-PROTOCOL https RequestHeader set X-Forwarded-Ssl on # etc. I think it's best to set them all, or set one that works and remove the other known ones. To prevent evil clients messing with them.
187
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With