Hi All
I've been using pound 2.5 for some time and it's been working nicely.
I'm just in the process of building a new LB using pound 2.6 and I'm hitting a
problem
I'm not certain it's related to the version.
Anyway, my current load balancer is handling SSL termination for me.
I've created some rules so that people accessing the login or registration
pages are redirected to https.
That's been working fine.
On 2.6 the same configuration does not work. When I try and access login i end
up in a redirect loop rather then being redirected to the page.
here are the relevant files;
pound.cfg:
ListenHTTP
Address <IP address>
Port 80
#RewriteLocation 2 was required with 2.5 to make this work
RewriteLocation 2
#Normal service statements...
ListenHTTPS
Address <IP address>
Port 443
Cert "/etc/ssl/localcerts/site.pem"
CAList "/etc/ssl/localcerts/gd_bundle.crt"
#Add a header so we know the connection has passed via https.
AddHeader "IS_SSL: SSL"
RewriteLocation 2
Then, on the web servers the .htaccess file is as follows;
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
# force https for /login and /register
# first check that we DON'T have the IS_SSL header set to SSL (it would
only be set when we pass through ListenHTTPS on the LB
RewriteCond %{HTTP:IS_SSL} !^SSL$
# if it's not set, rewrite to HTTPS for these pages.
RewriteRule ^(login|register|payment.*|gopro)$
https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(woff|gif|jpe?g|png|css|js)$ - [NC,L]
# force http for all other URLs
RewriteCond %{HTTP:IS_SSL} ^SSL$
RewriteCond %{REQUEST_URI} !^/(login|register|payment.*|gopro)$
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
The log output (as you can see it just loops).
strip per-dir prefix: /home/flooting/src/YMGN/trunk/www/flooting/login -> login
applying pattern '^(login|register|payment.*|gopro)$' to uri 'login'
rewrite 'login' -> 'https://flooting.com/login'
explicitly forcing redirect with https://flooting.com/login
trying to replace prefix /home/flooting/src/YMGN/trunk/www/flooting/ with /
escaping https://flooting.com/login for redirect
redirect to https://flooting.com/login [REDIRECT/302]
strip per-dir prefix: /home/flooting/src/YMGN/trunk/www/flooting/login -> login
applying pattern '^(login|register|payment.*|gopro)$' to uri 'login'
rewrite 'login' -> 'https://flooting.com/login'
explicitly forcing redirect with https://flooting.com/login
trying to replace prefix /home/flooting/src/YMGN/trunk/www/flooting/ with /
escaping https://flooting.com/login for redirect
redirect to https://flooting.com/login [REDIRECT/302]
strip per-dir prefix: /home/flooting/src/YMGN/trunk/www/flooting/login -> login
applying pattern '^(login|register|payment.*|gopro)$' to uri 'login'
rewrite 'login' -> 'https://flooting.com/login'
explicitly forcing redirect with https://flooting.com/login
trying to replace prefix /home/flooting/src/YMGN/trunk/www/flooting/ with /
As I said, this has been working fine.
The only change I'm aware of is the version change, but perhaps there is
something else I've missed in the new machine.
Any thoughts greatly appreciated.
Mark.
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
