Hello everyone,
I have a setup with Varnish/Hitch in front of Apache, where Hitch proxies the SSL traffic to Varnish via HTTP, and Apache receives the request via HTTP while the client request was done via https. This local downgrade is due to Varnish not supporting SSL. Since there are quite a few platforms out there that rely on HTTPS/SERVER_PORT checks to force https redirects for example, I've been toying with mod_rpaf which can spoof the environment variables based on X headers from a defined list of IPs, but it's not consistent and requires disabling keepalive due to a long standing bug -
https://github.com/gnif/mod_rpaf/issues/42. That being said, I'm trying to ditch mod_rpaf and spoof the variables using SetEnvIf based on a custom X-Header instead, which will be set by Varnish. The only problem I'm running in to is overriding SERVER_PORT. For example, if I have:
SetEnvIf X-HTTPS "on" HTTPS=on
SetEnvIf X-HTTPS "on" REQUEST_SCHEME=https
SetEnvIf X-HTTPS "on" SERVER_PORT=443
The above results in:
$_SERVER[HTTPS]; => on
$_SERVER[HTTP_X_HTTPS]; => on
$_SERVER[REQUEST_SCHEME]; => https
$_SERVER[SERVER_PORT]; => 80
root@avi [~]#
While I would expect them to be:
$_SERVER[HTTPS]; => on
$_SERVER[HTTP_X_HTTPS]; => on
$_SERVER[REQUEST_SCHEME]; => https
$_SERVER[SERVER_PORT]; => 443
If anyone knows of a different method, or module to use, I'm more than open to ideas. Thanks in advance!
