Bug #25266
closed
allow redirect to ssl reverse proxy
0%
Description
lockSSL = 2 just switches to https for the current hostname, but doesn't redirect to reverse proxy.
would be nice to have this working.
regards
Kay
(issue imported from #M17878)
Updated by Stefan Neufeind over 12 years ago
- Target version deleted (
0)
Agreed. Just stumbled over this as well :-)
Workaround for the moment in .htaccess:
RewriteCond %{REMOTE_ADDR} "!remoteproxyip"
RewriteRule ^typo3(.*) https://remoteproxydomain/remoteproxypath/typo3$1 [R,L]
Background of this issue:
TYPO3 checks for localconf-settings reverseProxyIP and reverseProxySSL. If the request comes in via the proxy (and reverseProxyHeaderMultiValue is set to first or last) the hostname is correctly fetched from HTTP_X_FORWARDED_HOST (see t3lib/class.t3lib_div.php). But to set the hostname which is used for redirecting from HTTP to HTTPS we might need a new setting like reverseProxyHostSSL (note that reverseProxyPrefixSSL already exists) or maybe "lockSSLHost" (since we already have $TYPO3_CONF_VARS['BE']['lockSSLPort']). I think going the reverseProxy...-way might be best since we can then also use the prefix-variable etc.
Currently in typo3/init.php the current servername is fetched and simply prefixed with "https://" in front.
Updated by Mathias Schreiber over 9 years ago
- Description updated (diff)
- Status changed from New to Closed
- TYPO3 Version set to 6.0
- Is Regression set to No
dupe
Updated by Mathias Schreiber over 9 years ago
- Status changed from Closed to Accepted
Updated by Paul D over 9 years ago
Has this been fixed in 6.1.* ?
I use 6.1.12 behind haproxy and this bug still exists.
Updated by Stefan Neufeind over 8 years ago
- Status changed from Accepted to Closed
Closed as a dupe of #38392. Imho it goes in the same direction and we can continue there.