Question:
I’m having issues by forcing ssl. I’m using codeigniter and deployed it in AWS single instance with elasticbeanstalk. My htaccess rules below:
|
1 2 3 4 5 6 7 8 9 |
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R] RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /index.php/$1 [L] |
But browser gets in a redirect loop. Whatever i tried didnt solve this problem.
Answer:
As I mentioned in my comment:
in the ssl.conf every call from port 443 is “proxyed” to port 80, so you never get https = on.
I did some tests and I found out that the ProxyPass directive in ssl.conf does not simply redirect every request from port 443 to localhost:80, but basically repeats the request to Apache from scratch, through the port 80 (at least, that’s what I understood).
I checked the value of $_SERVER and found out that HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED_HOST and HTTP_X_FORWARDED_SERVER are set during a HTTPS request (but they are NOT set during a HTTP request), meanwhile SERVER_ADDR and REMOTE_ADDR are set to 127.0.0.1 during a HTTPS request (but they are set to different values for HTTP requests).
I assume you can easily check if your request was plain HTTP with something like this (check the syntax, I’m rubbish with Apache):
|
1 2 |
RewriteCond %{ENV:HTTP_X_FORWARDED_SERVER} !^$ |
or
|
1 2 |
RewriteCond %{ENV:SERVER_ADDR} !^127\.0\.0\.1 |
BEWARE: I couldn’t find any reference in AWS documentation, it’s just an empiric result… they can easily change this behavior!
Happy coding! 🙂