View more context


Hello, we have similar setup, SSL connection to Nginx reverse-proxy and then HTTP connection to Apache server. All projects configured with (SS3) Director.alternate_protocol = 'https' to generate proper links. SS4 simplified configuration and all you need is to set SS_BASE_URL to external url.

@MichalKleiner docker nginx-proxy has 2 modes how to forward connection. default is to connect with http.

Thanks @MichalKleiner, good to see it wasn’t just me having issues. RPAF has done the trick for now, so I’ve incorporated it into the Apache Dockerfile for the meantime.

thanks @gregsmirnov… our issue is that we could have several domains and need something universal independent of SS itself

so what’s your setup now @Josh? did you enable something like this? https://github.com/gnif/mod_rpaf

Attachments:
gnif/mod_rpaf

@MichalKleiner that’s exactly right. In my Dockerfile I’m extending the official httpd image, compiling the mod_rpaf extension, and then loading it via an Apache conf file.

Since this image is mainly used for dev, I added the following under the RPAF_ProxyIPs:

  1. RPAF_ProxyIPs 127.0.0.1 172.16.0.0/16 192.168.0.0/16 10.0.0.0/24

I think silverstripe looks for HTTP_X_FORWARDED_PROTOCOL rather than HTTP_X_FORWARDED_PROTO. So you may need to define this header in Nginx to match the HTTP_X_FORWARDED_PROTO header.

SilverStripe looks for $_SERVER[‘HTTPS’] to not be 'off' or $_SERVER[‘SSL’] to be present, nothing else

or at least I couldn’t find anything else in the framework codebase