
On Thu, Mar 16, 2017 at 5:33 PM, Andrei <lag...@gmail.com> wrote:

> Hello everyone,
> I have a setup with Varnish/Hitch in front of Apache, where Hitch proxies
> the SSL traffic to Varnish via HTTP, and Apache receives the request via
> HTTP while the client request was done via https. This local downgrade is
> due to Varnish not supporting SSL. Since there are quite a few platforms
> out there that rely on HTTPS/SERVER_PORT checks to force https redirects
> for example, I've been toying with mod_rpaf which can spoof the environment
> variables based on X headers from a defined list of IPs, but it's not
> consistent and requires disabling keepalive due to a long standing bug -
> https://github.com/gnif/mod_rpaf/issues/42. That being said, I'm trying
> to ditch mod_rpaf and spoof the variables using SetEnvIf based on a custom
> X-Header instead, which will be set by Varnish. The only problem I'm
> running in to is overriding SERVER_PORT. For example, if I have:
> SetEnvIf X-HTTPS "on" HTTPS=on
> SetEnvIf X-HTTPS "on" REQUEST_SCHEME=https
> SetEnvIf X-HTTPS "on" SERVER_PORT=443
> The above results in:
> root@avi [~]# curl -sH"X-HTTPS: on" http://domain.com/headers.php|egrep
> -i 'https|r_port'
> $_SERVER[HTTPS]; => on
> root@avi [~]#
> While I would expect them to be:
> $_SERVER[HTTPS]; => on
> If anyone knows of a different method, or module to use, I'm more than
> open to ideas. Thanks in advance!

Reply via email to