(Tutorial) Configuring an Apache2 SSL Proxy for Drupal
Tutorial: Configuring an Apache2 SSL Proxy for Drupal
There are numerous benefits to using a proxy server. These include, but are not limited to, performance benefits from load balancing and security benefits from the additional layer of separation between outside users and the web server(s).
A clear set of instructions for configuring an Apache2 SSL proxy for a Drupal site is hard to find. Here is a solution that has worked for me. I hope it will spare others some frustration.
My initial attempt at my SSL proxy was to encrypt traffic between the client browser and the proxy server only. The back-end connection between the proxy server and the drupal server was over an SSH tunnel, so I concentrated only on the client-side encryption. The problems that I experienced where:
Connections would switch from HTTPS to HTTP after every form submission.
The "Enable Secure Pages" radio buttons in the Secure Pages Module where disabled.
A review of the source code for the Secure Pages module showed that it requires that the PHP global variable $_SERVER['HTTPS'] be set. This was not occurring and therefore the Secure Pages module disabled itself. Since the connection from the proxy server to the Drupal server was unencrypted HTTP, the Drupal server's PHP engine was correctly leaving $_SERVER['HTTPS'] not set.
Courtesy : Mellonway.Com
- guru's blog
- Login to post comments
![Drupal-6-Book-[Building Powerful and Robust Websites with Drupal 6].jpg](http://www.drupalranch.com/images/Drupal-6-Book-[Building%20Powerful%20and%20Robust%20Websites%20with%20Drupal%206].jpg)