Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Installing SilverStripe

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Accessing Silverstripe through SSL-Proxy (shared certificates)


Reply

4 Posts   2540 Views

Avatar
petrsnyder

21 July 2009 at 10:56pm (Last edited: 23 July 2009 10:44am), Community Member, 3 Posts

Hi,

I'd like to utilize my webhoster's "ssl-proxy" in order to access the admin-pages of Silverstripe, but

e.g. instead of

redirecting from

https://ssl-mySSLproxy.com/mysite.com/admin

to

https://ssl-mySSLproxy.com/mysite.com/Security/Login

Silverstripe redirects to

https://ssl-mySSLproxy.com/Security/Login

which gives an error, of course;

Director::set_environment_type('live')
is set in _config.php

I had a try on Director::protocolAndHost(), because I've found that I may use $_SERVER['HTTP_X_FORWARDED_HOST'], but that just ensures that Silverstripe gets the URLs for CSS/JS right, the redirecting still fails ( without this patch SS sometimes would try to load .css-files from the SSL-Proxy ...).

Any hints welcome ...

--- Director_orig.php   2009-07-21 12:02:55.000000000 +0200
+++ Director.php   2009-07-21 12:15:11.000000000 +0200
@@ -338,8 +338,10 @@

      $s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : '';
      
-      if(isset($_SERVER['HTTP_HOST'])) {
+      if((isset($_SERVER['HTTP_HOST'])) && (!isset($_SERVER['HTTP_X_FORWARDED_HOST']))) {
         return "http$s://" . $_SERVER['HTTP_HOST'];
+      } else if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+         return "https://" . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/' . $_SERVER['HTTP_HOST'];
      } else {
         global $_FILE_TO_URL_MAPPING;
         if(Director::is_cli() && isset($_FILE_TO_URL_MAPPING)) $errorSuggestion = ' You probably want to define '.

Avatar
petrsnyder

22 July 2009 at 3:58am Community Member, 3 Posts

Back again: I am far away from a solution. My quick and dirty patch somehow breaks the session cookie (after a login with the correct user/password I am dumped back to the login page, and no cookie is set at all).

That cookie should be set to the hostname of the SSL-proxyserver, wading through the code ...

Finally I'd rather not change the core of SS, there must be s.th. similar to that approach below that I used several times for drupal 6 installations:

http://drupal.org/node/339552

Avatar
petrsnyder

23 July 2009 at 10:38am (Last edited: 23 July 2009 10:45am), Community Member, 3 Posts

took another road. I've set Director::protocolAndHost back to its original form and this into _config.php:

if ( ( isset( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) && ($_SERVER['HTTP_X_FORWARDED_HOST'] == "ssl-myproxy.com") ) {
Director::setBaseUrl('https://' . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/www.mysite.com/');
}

This fixes redirecting (to Security/Login), but
login into the CMS isn't working yet, after a login I am redirected to the login page ...

Avatar
dynamite

3 September 2009 at 8:49am Community Member, 66 Posts

Hi,

I am very interested if you were able to get this working, as I would like to implement something similar for my SS hosted web sites.

Thanks!

Jeremy