[TYPO3-v4] Problems with typo3 behind reverse proxy.
Ulrich.Herbst at t-systems.com
Ulrich.Herbst at t-systems.com
Tue Oct 4 18:29:55 CEST 2011
Hi all,
ok, I think I've solved my problem:
1. reverseProxyIP has to be the IP-interface in direction to the typo3 server (this is just important for multi-homed reverse proxies). Only then the first condition ( if (self::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP']))) will be true.
2. reverseProxyHeaderMultiValue has to be first or last, but NOT empty or "none"
3. reverseProxySSL has to be empty (my reverse proxy doesn't use SSL).
Uli
-----Ursprüngliche Nachricht-----
Von: typo3-project-v4-bounces at lists.typo3.org [mailto:typo3-project-v4-bounces at lists.typo3.org] Im Auftrag von Herbst, Ulrich
Gesendet: Dienstag, 4. Oktober 2011 18:02
An: typo3-project-v4 at lists.typo3.org
Betreff: Re: [TYPO3-v4] Problems with typo3 behind reverse proxy.
Hi Steffen,
ok, so I checked in typo3:
1. reverseProxyIP is set - to the "official" internet ip adress of my reverse proxy 2. reverseProxyHeaderMultiValue is (now) set to first
3. I check with tcpdump/wireshark:
For packets from reverse proxy -> typo3-server, X-Forwarded-Host is set with the "official" domain-name.
X-Forwarded-For is set with "unknown,a.b.c.d" (a.b.c.d = internal ip address of reverse proxy".
4. Given the code from the issue 26088:
case 'HTTP_HOST':
$retVal = $_SERVER['HTTP_HOST'];
if (self::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
$host = self::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
// choose which host in list to use
if (count($host)) {
switch ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue']) {
case 'last':
$host = array_pop($host);
break;
case 'first':
$host = array_shift($host);
break;
case 'none':
default:
$host = '';
break;
}
}
if ($host) {
$retVal = $host;
}
}
=> Is $_SERVER['HTTP_X_FORWARDED_HOST'] set from "X-Forwarded-Host"-HTTP-Header ?
If yes - than this code isn't working or isn't called.
I'm not very familiar with php - if you can give me some advice about debugging (or logging some values to a logfile or something similar), I can try this.
What exactly do you mean with "clearing the cache" ?
I did:
- call "Delete temp_CACHED* files "
- delete / recreate the whole typo3temp-directory
Is there more than that in "clearing the cache" ?
Uli
-----Ursprüngliche Nachricht-----
Von: typo3-project-v4-bounces at lists.typo3.org [mailto:typo3-project-v4-bounces at lists.typo3.org] Im Auftrag von Steffen Gebert
Gesendet: Dienstag, 4. Oktober 2011 12:27
An: typo3-project-v4 at lists.typo3.org
Betreff: Re: [TYPO3-v4] Problems with typo3 behind reverse proxy.
Hi Ulrich,
> we have a typo3 - installation with private IP-addresses behind a reverse proxy (with official IP addresses).
please have a look at
http://forge.typo3.org/issues/26088
and provide feedback. Otherwise I will close the issue soon, as I think there's not really a bug or nobody supports resolving it.
Kind regards
Steffen
--
Steffen Gebert
TYPO3 v4 Core Team Member
TYPO3 Server Administration Team Member
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
_______________________________________________
TYPO3-project-v4 mailing list
TYPO3-project-v4 at lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-project-v4
_______________________________________________
TYPO3-project-v4 mailing list
TYPO3-project-v4 at lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-project-v4
More information about the TYPO3-project-v4
mailing list