Hi
may i ask if there is a piece missing in the docs,
maybe even there and i don't spot it, or mod_rewrite
can not distinguish between %a and %{c}a currently
the idea is that the proxy has 127.0.0.1 and does SSL-termination
so it should use unecrypted connections to httpd, but in case
the connection comes from a different IP mod_rewrite is supposed
to redirect the request as shown below to https
without mod_remoteip the mod_rewrite snipped works as expected
so only a replacement for %{REMOTE_ADDR} would be needed that
uses the underlying peer IP address of the connection
<IfModule mod_remoteip.c>
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 127.0.0.1
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.example.com%{REQUEST_URI}
</IfModule>
http://httpd.apache.org/docs/2.4/mod/mod_rewrite.html
http://httpd.apache.org/docs/2.4/mod/mod_log_config.html
%a Client IP address of the request (see the mod_remoteip module).
%{c}a Underlying peer IP address of the connection (see the mod_remoteip
module)
thank you for feedback
signature.asc
Description: OpenPGP digital signature
