检测 PHP 中的 HTTPS 请求 [英] Detecting HTTPS requests in PHP

问题描述

我遇到的问题与需要保持网站的某些 url 受 HTTPS 保护而其余的被踢到 HTTP 相关.

The problem that I am having has to do with the need to keep some urls of a website protected by HTTPS and the rest kicked to HTTP.

通常，您有 $_SERVER['HTTP_HTTPS'] 或 $_SERVER['HTTPS'](取决于您的 Apache 风格).您还可以检查端口 - 正常流量为 80，HTTPS 为 443.

Normally, you have $_SERVER['HTTP_HTTPS'] or $_SERVER['HTTPS'] (depending on your flavor of Apache). You also can check the port - it's 80 for normal traffic and 443 for HTTPS.

我的问题是证书位于负载均衡器，并且所有这些变量都不可用，并且网络服务器看到http://www.foo.com 在端口 80 上.解决此问题的一种方法是告诉负载均衡器在不同的端口上发送流量，但我想知道是否还有其他方法可以检测 HTTPS来自负载平衡器?

My problem is that the certificate sits on the loadbalancer, and all these variables are unavailable, and the webserver sees http://www.foo.com on port 80. One way to fix this is to tell the loadbalancer to send the traffic on a different port, but I wonder if there are other ways to detect HTTPS coming from the load balancer?

推荐答案

如果负载均衡器是 SSL 连接的另一端，则除了负载均衡器明确提供的信息外，您无法获得更多信息.我会去添加一个 http 标头，它可能已经这样做了，转储所有的 HTTP 标头并查看.

If the load balancer is the other end of the SSL connection, you cannot get any more info than the load balancer explicitly provides. I would go for adding a http header, it may already be doing that, dump all the HTTP headers and look.

作为另一种解决方案，您可以根据 URL 在负载均衡器上进行重定向.

As another solution, you can do the redirection on the load balancer based on URL.

这篇关于检测 PHP 中的 HTTPS 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！