Re: [jetty-users] WordPress on CentOS 7 Linux

Sun, 26 Jun 2016 13:29:16 -0700 

Hello again,

I have looked at /var/log/php-fpm/www-error.log
and HTTP_X_FORWARDED_PROTO is always "http".

Even though haproxy sets it to "https" with

    reqadd X-Forwarded-Proto:\ https if { ssl_fc }

I have searched through Jetty source code
and it seems to set that header too:

# grep -r FORWARDED_PROTO jetty.project
jetty.project/jetty-http/src/main/java/org/eclipse/jetty/http/HttpHeader.java:
   X_FORWARDED_PROTO("X-Forwarded-Proto"),
jetty.project/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java:
       proxyRequest.header(HttpHeader.X_FORWARDED_PROTO,
clientRequest.getScheme());
jetty.project/jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java:
   private String _forwardedProtoHeader =
HttpHeader.X_FORWARDED_PROTO.toString();

Could I disable that through one of Jetty *.ini files?

Regards
Alex



On Sun, Jun 26, 2016 at 8:06 PM, Alexander Farber <
[email protected]> wrote:

>
> Finally I copy the file from
> https://www.eclipse.org/jetty/documentation/9.3.x/configuring-fastcgi.html
> into /run/jetty/webapps/jetty-wordpress.xml
>
> and start Jetty + php-fpm + haproxy with "systemctl start jetty" etc.
>
> And Wordpress just works and is even faster than before!
>
> My only problem is that with Apache I had the following wp-config.php
>
> if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
>         $_SERVER['HTTPS'] = 'on';  // works with Apache, but not Jetty
>
> if (preg_match('/^\d+\.\d+\.\d+\.\d+$/', $_SERVER['HTTP_X_FORWARDED_FOR']))
>         $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
>
> And in my /etc/haproxy/haproxy.cfg I set these 2 variables:
>
> defaults
>     mode                    http
>     option http-server-close
>     option forwardfor       except 127.0.0.0/8
>
> frontend public
>     bind 144.76.184.151:80
>     bind 144.76.184.151:443 ssl crt /etc/pki/tls/certs/slova.de.pem
>     reqidel ^X-Forwarded-Proto:
>     reqidel ^X-Forwarded-For:
>     reqadd X-Forwarded-Proto:\ https if { ssl_fc }
>     default_backend jetty
>
> backend jetty
>     server domain 127.0.0.1:8888
>
>
>
>

_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users

Reply via email to