httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: how make backend applications aware about tls-offloading
Date Sat, 07 Jan 2017 21:53:25 GMT
On Sat, Jan 7, 2017 at 9:30 AM, Reindl Harald <h.reindl@thelounge.net> wrote:
>
> something like below where "X-TLS-Offloading" is only evaluated from
> "RemoteIPInternalProxy" pyhsical addressess
>
> RemoteIPHeader         X-Forwarded-For
> RemoteTLSHeader        X-TLS-Offloading
> RemoteIPInternalProxy  192.168.196.1
>

Wouldn't something like this work?

RewriteRule on
RewriteCond %{ENV:remoteip-proxy-ip-list} .
RewriteCond %{HTTP:X-TLS-Offloading} ^true$
RewriteRule ^ - [E=HTTPS:on,E=REQUEST_SCHEME:https]

Given that remoteip-proxy-ip-list is filled by mod_remoteip if (and
only if) RemoteIPInternalProxy matches.

Mime
View raw message