kinglozzer

I was hoping to find an analytics script that wasn’t opt-in, for maximum irony 😞

taoceanz

Cheers for chipping in @brett.tasker what you said was exactly why the 301 redirect was occurring.

taoceanz

Yup, forceSSL() trigger after !isDev check in the _config.php file. It's not using a proxy to terminate but instead NGINX serves the site but that sits behind some other things like Ambassador that take care of the ssl stuff so NGINX shouldn't be concerned with it.

brett.tasker

You may find this still has the same issue. As "Ambassador" is terminating the SSL, Nginx only sees connections come on port 80 and assumes it is http:// request.

You may find that Ambassador sends custom headers to identify when the connection is SSL or not. These headers can be used within Silverstripe CMS to tell Silverstripe if the connection is over HTTPS or not.

E.g. https://docs.silverstripe.org/en/4/developer_guides/security/secure_coding/#request-hostname-forgery