HTTPS Pass Through Question
Jonathan Cyr <cyrj(at)cyr.info>
2008-04-19 19:35:43
Hello,

I've used Pound for a while and haven't kept up-to-date, so forgive a 
stupid question...

My new project involves a PHP app that I didn't write... When Pound 
handles the HTTPS decrypt/encrypt for the Apache2.2/PHP5 application, 
the application guesses from its environmental variables that the 
request is HTTP, not HTTPS, because Pound has already processed it and 
handed it off.  This app is open source and written by many 
(including libraries), so that I can't force it to write HTTPS URLs 
without straying from vanilla too far.

Can I tell Pound to pass the HTTPS through to the Apache backends for 
SSL decryption, and pick up Pound's great Load Balancing/Failover and 
Session management by IP features?  Can it ignore the encryption and 
just manage the backends and the IP?  Can Pound tell the 
Apache2.2/PHP5 framework through headers that its environment is HTTPS 
and override its actual HTTP behaviour?

Very happy with Pound... and hoping it does this and I just don't know how.

Thanks In Advance

-Jonathan Cyr

Re: [Pound Mailing List] HTTPS Pass Through Question
Olivier PIERRE <olivier(at)oxeron.com>
2008-04-19 22:30:18
Hi,

maybe you can use this option in your pound.cfg

HTTPSHeaders 1 "X-Forwarded-Proto: https"

And detect this header in your PHP application, but it may need to be 
changed a little bit.

Olivier

Re: [Pound Mailing List] HTTPS Pass Through Question
Olivier PIERRE <olivier(at)oxeron.com>
2008-04-19 22:39:25
In addition, we used this for one of our projects:

if ($_SERVER['SERVER_PORT'] != 80 ||
    (isset($_SERVER['HTTP_FRONT_END_HTTPS']) &&
     $_SERVER['HTTP_FRONT_END_HTTPS'] == "On")) {
    // this is an https call
    ...
}

I can't remember if the header HTTP_FRONT_END_HTTPS was manually created 
by us or if it comes from Pound and the option I gave you just before.

Maybe you should just print the headers you receive in the backend 
server: print_r($_SERVER) and see what's available here.

Olivier
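
An added example, not part of the thread and not Pound's or the application's own code: one way to let an unmodified PHP app see HTTPS from the X-Forwarded-Proto header discussed above, while honouring that header only when the request arrives from the proxy. The function names, the proxy address 10.0.0.5 and the sample requests are assumptions made for illustration.

```php
<?php
// Added example. Proxy address and sample requests below are constructed.

// Decide whether the original client request used HTTPS.
// The forwarded header is honoured only when the TCP peer is a known
// proxy, because any client that reaches the backend directly can send it too.
function request_is_https(array $server, array $trustedProxies)
{
    // TLS terminated by this web server itself (no proxy in front).
    if (!empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off') {
        return true;
    }
    $peer = isset($server['REMOTE_ADDR']) ? $server['REMOTE_ADDR'] : '';
    if (!in_array($peer, $trustedProxies, true)) {
        return false; // header from an untrusted peer is ignored
    }
    $proto = isset($server['HTTP_X_FORWARDED_PROTO'])
        ? strtolower(trim($server['HTTP_X_FORWARDED_PROTO']))
        : '';
    return $proto === 'https';
}

// Return a copy of the environment in which HTTPS is set the way
// Apache would set it, so the application's own checks keep working.
function normalise_server(array $server, array $trustedProxies)
{
    if (request_is_https($server, $trustedProxies)) {
        $server['HTTPS'] = 'on';
    }
    return $server;
}

$trusted = array('10.0.0.5'); // assumption: Pound's address as seen by Apache

// Constructed sample requests.
$samples = array(
    'via proxy, https' => array('REMOTE_ADDR' => '10.0.0.5',
                                'HTTP_X_FORWARDED_PROTO' => 'https'),
    'via proxy, http'  => array('REMOTE_ADDR' => '10.0.0.5'),
    'direct, spoofed'  => array('REMOTE_ADDR' => '203.0.113.9',
                                'HTTP_X_FORWARDED_PROTO' => 'https'),
);
foreach ($samples as $name => $server) {
    $fixed = normalise_server($server, $trusted);
    printf("%-18s HTTPS=%s\n", $name,
           isset($fixed['HTTPS']) ? $fixed['HTTPS'] : '(unset)');
}
```

In a real deployment the same call would be applied to $_SERVER itself before the application starts, for instance from a file loaded through PHP's auto_prepend_file setting.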
