Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Installing SilverStripe /

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Accessing Silverstripe through SSL-Proxy (shared certificates)


Go to End


4 Posts   3115 Views

Avatar
petrsnyder

Community Member, 3 Posts

21 July 2009 at 10:56pm

Edited: 23/07/2009 10:44am

Hi,

I'd like to utilize my webhoster's "ssl-proxy" in order to access the admin-pages of Silverstripe, but

e.g. instead of

redirecting from

https://ssl-mySSLproxy.com/mysite.com/admin

to

https://ssl-mySSLproxy.com/mysite.com/Security/Login

Silverstripe redirects to

https://ssl-mySSLproxy.com/Security/Login

which gives an error, of course;

Director::set_environment_type('live')
is set in _config.php

I had a try on Director::protocolAndHost(), because I've found that I may use $_SERVER['HTTP_X_FORWARDED_HOST'], but that just ensures that Silverstripe gets the URLs for CSS/JS right, the redirecting still fails ( without this patch SS sometimes would try to load .css-files from the SSL-Proxy ...).

Any hints welcome ...

--- Director_orig.php	2009-07-21 12:02:55.000000000 +0200
+++ Director.php	2009-07-21 12:15:11.000000000 +0200
@@ -338,8 +338,10 @@
 
 		$s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : '';
 		
-		if(isset($_SERVER['HTTP_HOST'])) {
+		if((isset($_SERVER['HTTP_HOST'])) && (!isset($_SERVER['HTTP_X_FORWARDED_HOST']))) {
 			return "http$s://" . $_SERVER['HTTP_HOST'];
+		} else if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+			return "https://" . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/' . $_SERVER['HTTP_HOST'];
 		} else {
 			global $_FILE_TO_URL_MAPPING;
 			if(Director::is_cli() && isset($_FILE_TO_URL_MAPPING)) $errorSuggestion = '  You probably want to define '.

Avatar
petrsnyder

Community Member, 3 Posts

22 July 2009 at 3:58am

Back again: I am far away from a solution. My quick and dirty patch somehow breaks the session cookie (after a login with the correct user/password I am dumped back to the login page, and no cookie is set at all).

That cookie should be set to the hostname of the SSL-proxyserver, wading through the code ...

Finally I'd rather not change the core of SS, there must be s.th. similar to that approach below that I used several times for drupal 6 installations:

http://drupal.org/node/339552

Avatar
petrsnyder

Community Member, 3 Posts

23 July 2009 at 10:38am

Edited: 23/07/2009 10:45am

took another road. I've set Director::protocolAndHost back to its original form and this into _config.php:

if ( ( isset( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) && ($_SERVER['HTTP_X_FORWARDED_HOST'] == "ssl-myproxy.com") ) {
Director::setBaseUrl('https://' . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/www.mysite.com/');
}

This fixes redirecting (to Security/Login), but
login into the CMS isn't working yet, after a login I am redirected to the login page ...

Avatar
dynamite

Community Member, 66 Posts

3 September 2009 at 8:49am

Hi,

I am very interested if you were able to get this working, as I would like to implement something similar for my SS hosted web sites.

Thanks!

Jeremy