Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Installing SilverStripe /

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Accessing Silverstripe through SSL-Proxy (shared certificates)


Reply


4 Posts   2596 Views

Avatar
petrsnyder

Community Member, 3 Posts

21 July 2009 at 10:56pm

Edited: 23/07/2009 10:44am

Hi,

I'd like to utilize my webhoster's "ssl-proxy" in order to access the admin-pages of Silverstripe, but

e.g. instead of

redirecting from

https://ssl-mySSLproxy.com/mysite.com/admin

to

https://ssl-mySSLproxy.com/mysite.com/Security/Login

Silverstripe redirects to

https://ssl-mySSLproxy.com/Security/Login

which gives an error, of course;

Director::set_environment_type('live')
is set in _config.php

I had a try on Director::protocolAndHost(), because I've found that I may use $_SERVER['HTTP_X_FORWARDED_HOST'], but that just ensures that Silverstripe gets the URLs for CSS/JS right, the redirecting still fails ( without this patch SS sometimes would try to load .css-files from the SSL-Proxy ...).

Any hints welcome ...

--- Director_orig.php   2009-07-21 12:02:55.000000000 +0200
+++ Director.php   2009-07-21 12:15:11.000000000 +0200
@@ -338,8 +338,10 @@

      $s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : '';
      
-      if(isset($_SERVER['HTTP_HOST'])) {
+      if((isset($_SERVER['HTTP_HOST'])) && (!isset($_SERVER['HTTP_X_FORWARDED_HOST']))) {
         return "http$s://" . $_SERVER['HTTP_HOST'];
+      } else if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+         return "https://" . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/' . $_SERVER['HTTP_HOST'];
      } else {
         global $_FILE_TO_URL_MAPPING;
         if(Director::is_cli() && isset($_FILE_TO_URL_MAPPING)) $errorSuggestion = ' You probably want to define '.

Avatar
petrsnyder

Community Member, 3 Posts

22 July 2009 at 3:58am

Back again: I am far away from a solution. My quick and dirty patch somehow breaks the session cookie (after a login with the correct user/password I am dumped back to the login page, and no cookie is set at all).

That cookie should be set to the hostname of the SSL-proxyserver, wading through the code ...

Finally I'd rather not change the core of SS, there must be s.th. similar to that approach below that I used several times for drupal 6 installations:

http://drupal.org/node/339552

Avatar
petrsnyder

Community Member, 3 Posts

23 July 2009 at 10:38am

Edited: 23/07/2009 10:45am

took another road. I've set Director::protocolAndHost back to its original form and this into _config.php:

if ( ( isset( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) && ($_SERVER['HTTP_X_FORWARDED_HOST'] == "ssl-myproxy.com") ) {
Director::setBaseUrl('https://' . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/www.mysite.com/');
}

This fixes redirecting (to Security/Login), but
login into the CMS isn't working yet, after a login I am redirected to the login page ...

Avatar
dynamite

Community Member, 66 Posts

3 September 2009 at 8:49am

Hi,

I am very interested if you were able to get this working, as I would like to implement something similar for my SS hosted web sites.

Thanks!

Jeremy