https://bz.apache.org/bugzilla/show_bug.cgi?id=59829
Yordan Gigov <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #34741|0 |1 is obsolete| | --- Comment #22 from Yordan Gigov <[email protected]> --- Created attachment 34781 --> https://bz.apache.org/bugzilla/attachment.cgi?id=34781&action=edit Allow multiple SSL ports It came to mind that hosting providers often have their administration system on a different port than the main, so allowing for multiple ports to be detected as secure would give them that flexibility. For example port 443 is the default, but maybe they also use 8443 (common secondary HTTPS port). That also means they should probably send a the port information. Tested via ProxyProtocol v2, as optional setting, both with and without ProxyProtocol. Settings names have been made more consistent to be obvious they belong to this mod. Current logic is this after validating proxy: If RemoteIPServerPortHeader is set and given, then port information is available. If using ProxyProtocol, then port information is available. If not using ProxyProtocol, and RemoteIPSecureHeader is sent valid value, set secure = on. If RemoteIPSSLPorts is set, and port info is available { Check if port is in list. Override secure setting from RemoteIPSecureHeader. Ports are given higher priority. } If RemoteIPSSLPorts is not set and port info is available, then SSL port defaults to 443 and overrides RemoteIPSecureHeader setting. If RemoteIPSSLPorts is not set and no port info is available, but RemoteIPSecureHeader has set secure, then port defaults to 443. I believe all that's left to do now is documentation. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
