Created
March 21, 2017 21:05
-
-
Save ptheofan/0578a8f52ca06348675d10eebf60da9d to your computer and use it in GitHub Desktop.
Cloudflare flexible SSL - trick PHP scripts to identify HTTPS when cloudflare reports it was HTTPS request
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| Instructions | |
| Go to your php.ini for the web scripts (pointless for cli scripts) | |
| Make the following adjustment | |
| auto_prepend_file = full/path/to/clousflare_https_prefix.php | |
| reload/restart php service (or apache if running via apache) | |
| How this works | |
| This script will automatically run before any other php script runs (on incoming requests) | |
| This script will check if cloudflare has set the HTTPS protocol forwarding header (HTTP_X_FORWARDED_PROTO) | |
| and will adjust the $_SERVER variables accordingly if so. | |
| */ | |
| if(!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'){ | |
| $_SERVER['REQUEST_SCHEME'] = str_replace('http', 'https', $_SERVER['REQUEST_SCHEME']); | |
| $_SERVER['SERVER_PROTOCOL'] = str_replace('HTTP', 'HTTPS', $_SERVER['SERVER_PROTOCOL']); | |
| $_SERVER['HTTPS'] = 'on'; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment