SSL Issues
This is an open discussion with 1 reply, filed under General.
Search
-
-
- davjand
- 04 May 12, 4:20 am
- Comment #2
Turns out that due to the load balancer and how the hosting was setup, $_SERVER['HTTPS'] wasn't being set (http://forums.tsohost.co.uk/clustered-hosting-platform-windows-hosting/747-ssl-detection.html).
To solve this I had to modify 'defines.php' to add the following logic:
//work out if HTTPS
$httpsDefined = getenv('HTTPS');
if(!$httpsDefined){
$httpsDefined = ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');
}
define_safe('HTTPS', $httpsDefined);
Should this be classified as a symphony bug?
Create an account or sign in to comment.
I'm having some issues using https with symphony.
After some difficulties, I've got the frontend of the site working - had some issues as my hosting was behind a load balancer and secondly that all my links needed trailing slashes or were 301ing when jquery was trying to get links.
My htaccess file looks like this currently:
### Symphony 2.2.x ### Options +FollowSymlinks -Indexes <IfModule mod_rewrite.c> RewriteEngine on RewriteBase / #SSL RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^(.*)$ https://mydomain.co.uk/$1 [R=301,L] ### SECURITY - Protect crucial files RewriteRule ^manifest/(.*)$ - [F] RewriteRule ^workspace/utilities/(.*).xsl$ - [F] RewriteRule ^workspace/pages/(.*).xsl$ - [F] RewriteRule ^(.*).sql$ - [F] ### DO NOT APPLY RULES WHEN REQUESTING "favicon.ico" RewriteCond %{REQUEST_FILENAME} favicon.ico [NC] RewriteRule .* - [S=14] ### IMAGE RULES RewriteRule ^image/(.+.(jpg|gif|jpeg|png|bmp))$ extensions/jit_image_manipulation/lib/image.php?param=$1 [L,NC] ### CHECK FOR TRAILING SLASH - Will ignore files RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_URI} !/$ RewriteCond %{REQUEST_URI} !(.*)/$ RewriteRule ^(.*)$ $1/ [L,R=301] ### URL Correction RewriteRule ^(symphony/)?index.php(/.*/?) $1$2 [NC] ### ADMIN REWRITE RewriteRule ^symphony/?$ index.php?mode=administration&%{QUERY_STRING} [NC,L] RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^symphony(/(.*/?))?$ index.php?symphony-page=$1&mode=administration&%{QUERY_STRING} [NC,L] ### FRONTEND REWRITE - Will ignore files and folders RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*/?)$ index.php?symphony-page=/$1&%{QUERY_STRING} [L] </IfModule>However with this, I'm unable to submit any forms in the symphony backend - they don't register as submitted after clicking submit (as if the event didn't trigger like with a frontend form)
Also one other thing I've noticed is that symphony doesn't seem to be noticing the HTTPS at all - all the javascript and images are being included via http which is giving me lots of 'insecure' content errors.
Anyone have any ideas?
Cheers Guys