<p dir="ltr">Is it not okay to just set the trusted hosts param to .* for such setups as the layers in front of the webserver make sure only the correct requests come through?</p>
<p dir="ltr">Gr. Frans</p>
<div class="gmail_quote">Op 27 mei 2014 10:25 schreef "JoH asenau" <<a href="mailto:info@cybercraft.de">info@cybercraft.de</a>>:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
HTTP_HOST<br>
redaktion.domain.tld<br>
SERVER_NAME<br>
redaktion.domain.tld<br>
SERVER_PORT<br>
17101<br>
REQUEST_URI<br>
/typo3/install/index.php?<u></u>TYPO3_INSTALL[type]=phpinfo<br>
REMOTE_ADDR<br>
10.91.65.199<br>
</blockquote>
<br>
I'm still wondering what setup create such result. You are requesting on<br>
port 80 but SERVER_PORT is set to 17101 ...<br>
</blockquote>
<br>
Well - yes and no ;-)<br>
<br>
No server is listening on port 80, since the setup is based on so called transparent proxies - at least this is what our admin told me - so incoming requests are on port 80n until they hit the load balancer. Then the target ports are set by the load balancers, so the incoming request for the server is already using the desired port depending on, which server the balancers sent the request to. Actually each server for a certain domain is listening on the same port, but we could even have different ports for the same domain, i.e. to make sure the requests will always hit the same server once the connection has been established for the first time.<br>
<br>
Now when there is no trailing slash, the Nginx rewrite rule is set to redirect to the same URL but with a trailing slash. And it seems that this just kind of "reveals" the port the server is running on by adding it to the domain, which is how we found out the solution by accident.<br>
<br>
So both<br>
<br>
blah.domain.tld/typo3/<br>
<br>
and<br>
<br>
blah.domain.tld:12345/typo3/<br>
<br>
are coming in on the same port on the server, but only the latter works with the default setting for trustedHostsPattern, which is SERVER_NAME but actually compares SERVER_NAME and SERVER_PORT according to the install tool label.<br>
<br>
HTH<br>
<br>
Joey<br>
<br>
-- <br>
Wenn man keine Ahnung hat: Einfach mal Fresse halten!<br>
(If you have no clues: simply shut your gob sometimes!)<br>
Dieter Nuhr, German comedian<br>
Xing: <a href="http://contact.cybercraft.de" target="_blank">http://contact.cybercraft.de</a><br>
Twitter: <a href="http://twitter.com/bunnyfield" target="_blank">http://twitter.com/bunnyfield</a><br>
TYPO3 cookbook (2nd edition): <a href="http://www.typo3experts.com" target="_blank">http://www.typo3experts.com</a><br>
______________________________<u></u>_________________<br>
Before posting to this list, please have a look to the posting rules<br>
on the following websites:<br>
<br>
<a href="http://typo3.org/teams/core/core-mailinglist-rules/" target="_blank">http://typo3.org/teams/core/<u></u>core-mailinglist-rules/</a><br>
<a href="http://typo3.org/development/bug-fixing/diff-and-patch/" target="_blank">http://typo3.org/development/<u></u>bug-fixing/diff-and-patch/</a><br>
______________________________<u></u>_________________<br>
TYPO3-team-core mailing list<br>
<a href="mailto:TYPO3-team-core@lists.typo3.org" target="_blank">TYPO3-team-core@lists.typo3.<u></u>org</a><br>
<a href="http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-team-core" target="_blank">http://lists.typo3.org/cgi-<u></u>bin/mailman/listinfo/typo3-<u></u>team-core</a><br>
</blockquote></div>