Last updated on 06 Sept 2023, 13:16:49.
Category:
All about SSL certificates
| SSL technical
The Kinamo web hosting platform allows you to use several types of SSL certificates.
The shared web hosting platform uses load balancers to spread the server requests on several webserver nodes (this to obtain a higher degree of redundancy and to ensure a stable PHP hosting platform).
On the Kinamo shared hosting platform, certificates are installed on the load balancers and traffic is being SSL offloaded to webserver nodes underneath.
What is the impact for you as a developer: the connections on the website will always be standard HTTP traffic (in other words everything arrives at port 80 and is not encrypted) since the load balancers have the task of decrypting traffic (hence the name "SSL offloading").
Often, an application requires you to check whether the visitor arrived through HTTPS on the website, and if this was not the case the visitor has to be redirected to the HTTPS website. On a standard webserver this imposes no problem and it can be achieved with simple PHP code by detecting whether the port on which the visitor arrived was port 80 (normal HTTP traffic) or port 443 (HTTPS traffic), or if the protocol being used was HTTP or HTTPS. On the Kinamo shared hosting platform this will not work because of the reason explained above (SSL offloading).
To solve this problem we have added two addiitonal headers. Based on these headers you may check whether the visitor arrived through HTTPS or not:
$_SERVER["HTTP_X_FORWARDED_PORT"]
This header will tell you the port on which the visitor arrived: in case of HTTPS it is 443, in case of normal HTTP traffic it is 80.
$_SERVER["HTTP_X_FORWARDED_PROTO"]
This header gives you the protocol on which the visitor traffic arrived, HTTPS or HTTP.
if ($_SERVER['HTTP_X_FORWARDED_PORT'] != 443 || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') { $redirect = "Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; header( $redirect, true, 301 ); exit(0); }
Wordpress requires some adjustments to correctly detect HTTPS traffic. For this we would like to refer you to the FAQ item about Wordpress and HTTPS traffic detection.
Happy coding!
Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!