Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Installing SilverStripe /

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Accessing Silverstripe through SSL-Proxy (shared certificates)

Go to End

4 Posts   3115 Views


Community Member, 3 Posts

21 July 2009 at 10:56pm

Edited: 23/07/2009 10:44am


I'd like to utilize my webhoster's "ssl-proxy" in order to access the admin-pages of Silverstripe, but

e.g. instead of

redirecting from


Silverstripe redirects to

which gives an error, of course;

is set in _config.php

I had a try on Director::protocolAndHost(), because I've found that I may use $_SERVER['HTTP_X_FORWARDED_HOST'], but that just ensures that Silverstripe gets the URLs for CSS/JS right, the redirecting still fails ( without this patch SS sometimes would try to load .css-files from the SSL-Proxy ...).

Any hints welcome ...

--- Director_orig.php	2009-07-21 12:02:55.000000000 +0200
+++ Director.php	2009-07-21 12:15:11.000000000 +0200
@@ -338,8 +338,10 @@
 		$s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : '';
-		if(isset($_SERVER['HTTP_HOST'])) {
+		if((isset($_SERVER['HTTP_HOST'])) && (!isset($_SERVER['HTTP_X_FORWARDED_HOST']))) {
 			return "http$s://" . $_SERVER['HTTP_HOST'];
+		} else if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+			return "https://" . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/' . $_SERVER['HTTP_HOST'];
 		} else {
 			global $_FILE_TO_URL_MAPPING;
 			if(Director::is_cli() && isset($_FILE_TO_URL_MAPPING)) $errorSuggestion = '  You probably want to define '.


Community Member, 3 Posts

22 July 2009 at 3:58am

Back again: I am far away from a solution. My quick and dirty patch somehow breaks the session cookie (after a login with the correct user/password I am dumped back to the login page, and no cookie is set at all).

That cookie should be set to the hostname of the SSL-proxyserver, wading through the code ...

Finally I'd rather not change the core of SS, there must be similar to that approach below that I used several times for drupal 6 installations:


Community Member, 3 Posts

23 July 2009 at 10:38am

Edited: 23/07/2009 10:45am

took another road. I've set Director::protocolAndHost back to its original form and this into _config.php:

if ( ( isset( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) && ($_SERVER['HTTP_X_FORWARDED_HOST'] == "") ) {
Director::setBaseUrl('https://' . $_SERVER['HTTP_X_FORWARDED_HOST'] . '/');

This fixes redirecting (to Security/Login), but
login into the CMS isn't working yet, after a login I am redirected to the login page ...


Community Member, 66 Posts

3 September 2009 at 8:49am


I am very interested if you were able to get this working, as I would like to implement something similar for my SS hosted web sites.