Thank your for your reply. Yes, I have already traveled down that route and talked with our DevOps guys. The system that handles SSL termination is a system they want little or no configuration on. They (DevOps) understand that this could be handled there, but they wont make the change there.
That still leaves me in a position to fix this problem. Mod_headers should allow me to edit that Header, but in this specific case, for whatever reason, Mod_headers is not being invoked. Thanks, --mjk On Tue, Feb 7, 2017 at 8:00 AM, Daniel <[email protected]> wrote: > It is perfectly normal for a backend that works with http to return > internal Location headers with http. > > If apache is the backend of some other reverse proxy it is the job of that > reverse proxy to use the correct url scheme requested by the client, that > is, to revert the location headers back to "https" where that behaviour is > needed. > > For instance, if the reverse proxy was Apache, it has a directive for that > called ProxyPassReverse which does exactly that. > > Have you tried to "address this" in the reverse proxy where SSL > termination is? > > 2017-02-07 4:40 GMT+01:00 mjk <[email protected]>: > >> I have spent 8+hours scouring the web, reviewing the Apache Httpd >> Cookbook, the Definitive Reference, and the 2.2 documentation for >> mod_headers, mod_proxy and core. >> >> >> CONFIGURATION: >> Apache Version: >> Server version: Apache/2.2.15 (Unix) >> Server built: Jul 18 2016 15:24:00 >> >> SSL offloading happens before the requests gets to Apache, which proxies >> http traffic to Apache on port 80. >> >> The Apache VirtualHost config in question does not have a ServerName or >> ServerAlias configured, and is configured to listen on port 80. >> >> SITUATION >> I have a Rewrite rule issuing a 301 redirect which uses flags >> [NC,R=301,L] - which redirects to the correct hostname, but using http as >> the protocol. >> >> I have a mod_headers rule to try to deal with this: Header always edit >> Location ^http://(.*) https://$1 >> This rule is getting completely ignored. >> >> >> If I add a wholly new Header like: Header always add SillyHeader >> SillyHeaderValue >> the header DOES get added. >> >> >> Does anyone know why the "Header always edit" rule is getting ignored? >> >> Thank you, >> >> --mjk >> > > > > -- > *Daniel Ferradal* > IT Specialist > > email dferradal at gmail.com > linkedin es.linkedin.com/in/danielferradal >
