SilverStripe 4 behind HAProxy - absolute URL has wrong protocol

Today I installed my latest project on the provided server and had some "mixed content" issues due to SilverStripe generating a "http" basetag on a https site. The reason was, it didn't see that it should server absolute https urls, cause it's installed behind a HAProxy instance. This is pretty annoying but with a little help of my friends on slack it was easy to solve.

I put a simple php script on the server, that did a var_dump($_SERVER); to see how SilverStripe sees the current request. This showed that the REQUEST_SCHEME is set to "http". Even if I call the site with a https url. Weird. Scrolling down I found that HTTP_X_FORWARDED_PROTO is set to "https". Well, that's something.

Tim (dorsetdigital) suggested to alter the projects .htaccess file and set an environment variable (well, that could also be set in the global environment):

SetEnvIf X-Forwarded-Proto "https" HTTPS=on

Which solved this problem for me. Tim also says:

Obviously, this is just you telling the webserver that the connection is https...  it may not be. If the proxy is on the same machine and communicates with the webserver via a local socket, then it's arguably less of an issue... if the proxy is remote, then you will still have an unencrypted leg in the route.

Rate this post

Join the SilverStripe Europe Conference 2019!

See you at StripeConEU 2019

Post your comment


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments