httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mjk <mj.kelle...@gmail.com>
Subject Re: [users@httpd] Apache 2.2 mod_headers question
Date Tue, 07 Feb 2017 13:09:25 GMT
Thank your for your reply.

Yes, I have already traveled down that route and talked with our DevOps
guys.  The system that handles SSL termination is a system they want little
or no configuration on.  They (DevOps) understand that this could be
handled there, but they wont make the change there.

That still leaves me in a position to fix this problem.

Mod_headers should allow me to edit that Header, but in this specific case,
for whatever reason, Mod_headers is not being invoked.

Thanks,

--mjk

On Tue, Feb 7, 2017 at 8:00 AM, Daniel <dferradal@gmail.com> wrote:

> It is perfectly normal for a backend that works with http to return
> internal Location headers with http.
>
> If apache is the backend of some other reverse proxy it is the job of that
> reverse proxy to use the correct url scheme requested by the client, that
> is, to revert the location headers back to "https" where that behaviour is
> needed.
>
> For instance, if the reverse proxy was Apache, it has a directive for that
> called ProxyPassReverse which does exactly that.
>
> Have you tried to "address this" in the reverse proxy where SSL
> termination is?
>
> 2017-02-07 4:40 GMT+01:00 mjk <mj.kelleher@gmail.com>:
>
>> I have spent 8+hours scouring the web, reviewing the Apache Httpd
>> Cookbook, the Definitive Reference, and the 2.2 documentation for
>> mod_headers, mod_proxy and core.
>>
>>
>> CONFIGURATION:
>> Apache Version:
>> Server version: Apache/2.2.15 (Unix)
>> Server built:   Jul 18 2016 15:24:00
>>
>> SSL offloading happens before the requests gets to Apache, which proxies
>> http traffic to Apache on port 80.
>>
>> The Apache VirtualHost config in question does not have a ServerName or
>> ServerAlias configured, and is configured to listen on port 80.
>>
>> SITUATION
>> I have a Rewrite rule issuing a 301 redirect which uses flags
>> [NC,R=301,L] -  which redirects to the correct hostname, but using http as
>> the protocol.
>>
>> I have a mod_headers rule to try to deal with this:   Header always edit
>> Location ^http://(.*) https://$1
>> This rule is getting completely ignored.
>>
>>
>> If I add a wholly new Header like:    Header always add SillyHeader
>> SillyHeaderValue
>> the header DOES get added.
>>
>>
>> Does anyone know why the   "Header always edit"   rule is getting ignored?
>>
>> Thank you,
>>
>> --mjk
>>
>
>
>
> --
> *Daniel Ferradal*
> IT Specialist
>
> email         dferradal at gmail.com
> linkedin     es.linkedin.com/in/danielferradal
>

Mime
View raw message