Hi,
I have an interesting problem.
I have apache behind Nginx behind haproxy.
SSL is terminated with haproxy (because haproxy can load all certificates from
a single directory, and because some rate-limiting stuff is easier with
haproxy).
This makes using Let’s Encrypt easier.
Sometimes, I want to do Nginx + fastcgi + php-fpm directly, without apache
(it’s measurably faster).
For apache, you need this in the configuration:
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
(and for good measure, also this:
SetEnvIf X-Forwarded-Proto "^https$" HTTPS=on
)
For fast-cgi, one also needs this in the configuration (fastcgi_params):
fastcgi_param HTTPS $fwd_ssl;
$fwd_ssl is generated by this map:
map $http_x_forwarded_proto $fwd_ssl {
http off;
https on;
}
in the global http section.
In wordpress, when I enable „Really Simple SSL“, I get a redirect loop (to
https) on the front-page (as an unauthenticated user) but the backend works.
I wonder what wordpress is missing so that it still thinks the connection is
coming over http instead of https.
Any ideas?
Best Regards
Rainer
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
