问题
I’ve got a lighttpd server behind an AWS load balancer. The ELB handles all the SSL stuff for me and forwards the requests to lighttpd over HTTP on port 80, setting the X-Forwarded-Proto header along the way.
As I only want to have one specific page go via HTTPS and everything else over HTTP, I wanted to setup redirects in the lighttpd config file, like:
$HTTP["scheme"] == "https" {
$HTTP["host"] !~ ".*ttc/(index.html)?$" {
$HTTP["host"] =~ "(.*)" {
url.redirect = ( "^(.*)$" => "http://%1$1")
}
}
}
This, of course, doesn’t work, as lighttpd only sees HTTP requests…
I had a look at mod_extforward, but that only seems to provide access to the X-Forwarded-For header.
I’ll appreciate any suggestions on how to address this, without switching away from lighttpd.
回答1:
I couldn't find answer to this so I've hacked using port configuration as follows:
HTTPS 443 (elb) => 80 (instance)
HTTP 80 (elb) => 81 (instance)
and in Lighttpd config:
$SERVER["socket"] == ":81" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
So basically when Lighttpd detects that connection is made to 81, it just redirects it to https.
回答2:
What version of lighttpd are you using? I am looking at 1.4.36 and see that mod_extforward.c does handle X-Forwarded-Proto.
If this still does not work for you with lighttpd 1.4.36, perhaps mod_extforward needs to be loaded prior to some other modules in your lighttpd.conf?
来源:https://stackoverflow.com/questions/28414799/access-x-forwarded-proto-in-lighttpd-configiuration