Re: [jetty-users] WordPress on CentOS 7 Linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-users] WordPress on CentOS 7 Linux

From: Alexander Farber <alexander.farber@xxxxxxxxx>
Date: Sun, 26 Jun 2016 22:28:52 +0200
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

Hello again,

I have looked at /var/log/php-fpm/www-error.log

and HTTP_X_FORWARDED_PROTO is always "http".

Even though haproxy sets it to "https" with

reqadd X-Forwarded-Proto:\ https if { ssl_fc }

I have searched through Jetty source code

and it seems to set that header too:

# grep -r FORWARDED_PROTO jetty.project

jetty.project/jetty-http/src/main/java/org/eclipse/jetty/http/HttpHeader.java: X_FORWARDED_PROTO("X-Forwarded-Proto"),

jetty.project/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java: proxyRequest.header(HttpHeader.X_FORWARDED_PROTO, clientRequest.getScheme());

jetty.project/jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java: private String _forwardedProtoHeader = HttpHeader.X_FORWARDED_PROTO.toString();

Could I disable that through one of Jetty *.ini files?

Regards

Alex

On Sun, Jun 26, 2016 at 8:06 PM, Alexander Farber <alexander.farber@xxxxxxxxx> wrote:

Finally I copy the file from
https://www.eclipse.org/jetty/documentation/9.3.x/configuring-fastcgi.html
into /run/jetty/webapps/jetty-wordpress.xml

and start Jetty + php-fpm + haproxy with "systemctl start jetty" etc.

And Wordpress just works and is even faster than before!

My only problem is that with Apache I had the following wp-config.php

if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS'] = 'on'; // works with Apache, but not Jetty

if (preg_match('/^\d+\.\d+\.\d+\.\d+$/', $_SERVER['HTTP_X_FORWARDED_FOR']))
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];

And in my /etc/haproxy/haproxy.cfg I set these 2 variables:

defaults
mode http
option http-server-close
option forwardfor except 127.0.0.0/8

frontend public
bind 144.76.184.151:80
bind 144.76.184.151:443 ssl crt /etc/pki/tls/certs/slova.de.pem
reqidel ^X-Forwarded-Proto:
reqidel ^X-Forwarded-For:
reqadd X-Forwarded-Proto:\ https if { ssl_fc }
default_backend jetty

backend jetty
server domain 127.0.0.1:8888

References:
- [jetty-users] WordPress on CentOS 7 Linux
  - From: Alexander Farber

Prev by Date: [jetty-users] WordPress on CentOS 7 Linux
Next by Date: Re: [jetty-users] WordPress on CentOS 7 Linux
Previous by thread: [jetty-users] WordPress on CentOS 7 Linux
Next by thread: Re: [jetty-users] WordPress on CentOS 7 Linux
Index(es):
- Date
- Thread

Breadcrumbs