httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel <dferra...@gmail.com>
Subject Re: [users@httpd] Apache 2.2 mod_headers question
Date Tue, 07 Feb 2017 13:00:56 GMT
It is perfectly normal for a backend that works with http to return
internal Location headers with http.

If apache is the backend of some other reverse proxy it is the job of that
reverse proxy to use the correct url scheme requested by the client, that
is, to revert the location headers back to "https" where that behaviour is
needed.

For instance, if the reverse proxy was Apache, it has a directive for that
called ProxyPassReverse which does exactly that.

Have you tried to "address this" in the reverse proxy where SSL termination
is?

2017-02-07 4:40 GMT+01:00 mjk <mj.kelleher@gmail.com>:

> I have spent 8+hours scouring the web, reviewing the Apache Httpd
> Cookbook, the Definitive Reference, and the 2.2 documentation for
> mod_headers, mod_proxy and core.
>
>
> CONFIGURATION:
> Apache Version:
> Server version: Apache/2.2.15 (Unix)
> Server built:   Jul 18 2016 15:24:00
>
> SSL offloading happens before the requests gets to Apache, which proxies
> http traffic to Apache on port 80.
>
> The Apache VirtualHost config in question does not have a ServerName or
> ServerAlias configured, and is configured to listen on port 80.
>
> SITUATION
> I have a Rewrite rule issuing a 301 redirect which uses flags [NC,R=301,L]
> -  which redirects to the correct hostname, but using http as the protocol.
>
> I have a mod_headers rule to try to deal with this:   Header always edit
> Location ^http://(.*) https://$1
> This rule is getting completely ignored.
>
>
> If I add a wholly new Header like:    Header always add SillyHeader
> SillyHeaderValue
> the header DOES get added.
>
>
> Does anyone know why the   "Header always edit"   rule is getting ignored?
>
> Thank you,
>
> --mjk
>



-- 
*Daniel Ferradal*
IT Specialist

email         dferradal at gmail.com
linkedin     es.linkedin.com/in/danielferradal

Mime
View raw message