Re: php $_server variable when using haproxy & stunnel

From: Amol <mandm_zoom#yahoo.com>
Date: Mon, 24 Oct 2011 14:13:54 -0700 (PDT)

Thanks Brane for the reply
but setting these options in my haproxy config

reqidel ^Server-Protocol:
reqadd Server-Protocol:\ https if src 127.0.0.1


gives me these errors

$ sudo /etc/init.d/haproxy restart
 * Restarting haproxy haproxy                                                                                         
 [ALERT] 296/171242 (1024) : parsing [/etc/haproxy/haproxy.cfg:91] : error detected while parsing a 'reqadd' condition.
[ALERT] 296/171242 (1024) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
[ALERT] 296/171242 (1024) : Fatal errors found in configuration.





________________________________
From: Brane F. Gračnar <brane.gracnar#tsmedia.si>
To: haproxy#formilux.org; Amol <mandm_zoom#yahoo.com>
Sent: Monday, October 24, 2011 4:58 PM
Subject: Re: php $_server variable when using haproxy & stunnel

On Monday 24 of October 2011 20:48:33 Amol wrote:
> Hi, i was trying to check on my php variables using the following code on
> both my servers
> 
> <?php
> if($_SERVER['HTTPS'])
>     echo 'https';
> else
>     echo 'Not Https';
>    echo "<BR>";
> $port = $_SERVER['SERVER_PORT'];
> echo $port;
> echo "<BR>";
> 
> $protocol = $_SERVER["SERVER_PROTOCOL"];
> echo $protocol;
> ?>
> 
> my output would be:
> Not Https
> 80
> HTTP/1.1
> 
> my stunnel config is : ---
> 
> [https-load]
> cert=/etc/stunnel/ssl/group-wildcard.pem
> key = /etc/stunnel/ssl/name.key
> accept=100.00.10.10:443
> connect=11.10.51.231:8000
> TIMEOUTclose=0
> xforwardedfor=yes
> 
> 
>  and haproxy config is : ---
> 
> listen webcluster1 11.10.51.231:8000
>         mode http
>         stats enable
>         balance roundrobin
>         cookie BALANCEID insert indirect nocache
>         option httpclose
>         option forwardfor except 127.0.0.1
>         option httpchk HEAD /check.txt HTTP/1.0
>         #http-check disable-on-404
>         server load1-app 11.10.42.17:80 cookie A check
>         server load2-app 11.10.55.90:80 cookie B check
> 
> 
> How can i get my $_server variable to be 'https"? and is my connection
> secure as of this arrangement?

Between client and 100.00.10.10:443 => YES; between 100.00.10.10 and 
11.10.51.231 => NO.

If you want to have SERVER_PROTOCOL set to 'https' you should add this to your 
config:


reqidel ^Server-Protocol:
reqadd Server-Protocol:\ https if src 127.0.0.1

Regards, Brane
Received on 2011/10/24 23:13

This archive was generated by hypermail 2.2.0 : 2011/10/24 23:30 CEST