Https problem

Silverstripe Version: 4

**Question: http to https **

Hello since it is not possible for my hosting provider to use the rewrite function via htaccess, I am looking for a way to use the silverstripe instead of http directly https.

I would be glad for any help

// Include any relevant code. If you have a lot of code, link to a gist instead.

Do i understand it correctly that you want a simple redirect from http to https when somebody comes to your website?

SilverStripe requires mod_rewrite and makes use of it via .htaccess so you may need to switch hosting provider if you want to have a smooth ride with SS. That said, you can use Director::forceSSL() to redirect to https.

1 Like

@maximum3012 See this comment. You can force the site to use SSL with the Director class

Thank you. I found the problem. in the page.ss the base tag was deposited with the following code.

<% base_tag %>
on website

base href=“http://www.domain.net/”><!–[if lte IE 6]><![endif]

I inserted the base tag manually with https

base href=“https://www.domain.net/”><!–[if lte IE 6]><![endif]

now it works fine

OK it dosnt work fine.

How i can change the baseURL?

You have to write rule in .htaccess for redirect

This is old but I had the same problem yesterday. The site was running in a Docker container behind Traefik. Traefik is rerouting to the https version, none of the routes worked.

The only thing that seemed to fix the https base_tag was adding this to /src/app/_config/app.yml

SilverStripe\Control\Director:
  alternate_base_url: 'https://dev.<website>.co.nz'

Anyone know why?

The code on the docker container would create the base tag based on the protocol the server is using. If the https request is being terminated at your proxy, then the application code would assume it was running non-https and create the base tag accordingly.

@Tim

Thanks for the reply. Interesting. I checked out $_SERVER[‘SERVER_PROTOCOL’] and it is http/1.1. $_SERVER[‘HTTP_X_FORWARDED_PROTO’] is https.

Probably getting off topic, but I thought traefic was handling redirection - I mean the site is under https in the browser.

Traefik rules:

labels:
- “traefik.enable=true”
- “traefik.backend=website–dev”
- “traefik.frontend.rule=Host:dev.website.co.nz”
- “traefik.frontend.headers.SSLRedirect=true”
- “traefik.frontend.headers.SSLHost=dev.website.co.nz”
- “traefik.frontend.headers.SSLForceHost=true”
- “traefik.frontend.redirect.regex=https://dev.website.co.nz/(.*)”
- “traefik.frontend.redirect.replacement=https://dev.website.co.nz/$${1}”

I’m not especially familiar with Traefic, but it looks like it works the way a lot of proxies do. If you have installed an SSL certificate in the proxy, but not in the backend servers then the SSL is probably terminating in Traefic. That means the browser connection to the entry point is HTTPS, but the backend traffic from your servers to the proxy is HTTP (which is why you’re seeing what you are when looking at the backend machines).

Makes sense. I’m also green with traefik, it’s a small miracle I’ve this far TBH lol.

The certs are run through Lets Encrypt somehow. The traefik config for it is just:

storage = “acme.json”
OnHostRule = true
entryPoint = “https”
[acme.httpChallenge]
entryPoint = “http”

Anyway, thanks for your posts :+1:

Apologies for reviving an old thread, but it may be pertinent for people who find this in the future. A possible solution to the issue of proxies is detailed here:

http://www.silverstrip.es/blog/silverstripe-4-behind-haproxy/

great thread thanks a lot