/ Zope / Apsis / Pound Mailing List / Archive / 2007 / 2007-12 / redirect question

[ << ] [ >> ]

[ Internal Server Error / "Asghar Ali" ... ] [ pound control socket permissions / Steve ... ]

redirect question
=?ISO-8859-2?Q?KOZMAN_B=E1lint?= <qzy(at)ultramarin.hu>		 2007-12-12 21:07:23 [ FULL ] 
Hi there,

I have a simple pound 2.3.2 setup, with two listeners: on for http and one 
for https connections.
My problem is that some sites behind pound use the Location header to 
redirect http requests to https (typicaly webmail login screens, etc).
But with RewriteLocation and RewriteDestination set to 1, these will turn 
to an infinite loop, as pound will replace all https Locations with http.
What settings should I use to resolve this issue?

Here is what I have now in pound.cfg:
[...]

ListenHTTP
     Address x.x.x.x
     Port 80
     xHTTP 3
     RewriteLocation 1
     RewriteDestination 1
End

ListenHTTPS
     Address x.x.x.x
     Port 443
     Cert "/etc/pound/site.pem"
     Ciphers "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:-SSLv2"
     xHTTP 3
     RewriteLocation 1
     RewriteDestination 1
     AddHeader "PROXY-HTTPS: ON"
End
[...]



And in the backend apache config:
[...]

RewriteEngine on
RewriteCond %{HTTP:PROXY-HTTPS} !^ON$ [NC]
RewriteRule ^/(.*)    https://sitename.com/$1 [R]
[...]



Thanks for any help,
Balint
MailBoxer