All about SSL certificates

All about SSL certificates

How to detect SSL traffic on the Kinamo shared hosting platform

Category: All about SSL certificates | SSL technical

PHP SSL

The Kinamo web hosting platform allows you to use several types of SSL certificates.

The shared web hosting platform uses load balancers to spread the server requests on several webserver nodes (this to obtain a higher degree of redundancy and to ensure a stable PHP hosting platform).

Using SSL certificates on the Kinamo shared hosting platform

On the Kinamo shared hosting platform, certificates are installed on the load balancers and traffic is being SSL offloaded to webserver nodes underneath.
What is the impact for you as a developer: the connections on the website will always be standard HTTP traffic (in other words everything arrives at port 80 and is not encrypted) since the load balancers have the task of decrypting traffic (hence the name "SSL offloading").

How to detect whether a visitor arrived through HTTPS or not?

Often, an application requires you to check whether the visitor arrived through HTTPS on the website, and if this was not the case the visitor has to be redirected to the HTTPS website. On a standard webserver this imposes no problem and it can be achieved with simple PHP code by detecting whether the port on which the visitor arrived was port 80 (normal HTTP traffic) or port 443 (HTTPS traffic), or if the protocol being used was HTTP or HTTPS. On the Kinamo shared hosting platform this will not work because of the reason explained above (SSL offloading).
To solve this problem we have added two addiitonal headers. Based on these headers you may check whether the visitor arrived through HTTPS or not:

$_SERVER["HTTP_X_FORWARDED_PORT"]

This header will tell you the port on which the visitor arrived: in case of HTTPS it is 443, in case of normal HTTP traffic it is 80.

$_SERVER["HTTP_X_FORWARDED_PROTO"]

This header gives you the protocol on which the visitor traffic arrived, HTTPS or HTTP.

PHP HTTPS header detection

The simple example below shows you how you may detect by port or protocol whether someone arrived the correct way, if this is not the case, the visitor will be redirected to the correct URL.Attention, this code ONLY works on the Kinamo hosting platform! For standard PHP, other server headers are used! 
if ($_SERVER['HTTP_X_FORWARDED_PORT'] != 443 || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https')
{
 $redirect = "Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 header( $redirect, true, 301 );
 exit(0);
}

Set up Wordpress for HTTPS

Wordpress requires some adjustments to correctly detect HTTPS traffic. For this we would like to refer you to the FAQ item about Wordpress and HTTPS traffic detection.

Happy coding!

Related articles

What is a Qualified Website Authentication Certificate (QWAC)?

In this article, we explain what a Qualified Website Authentication Certificate (QWAC) SSL certificate is, what they are used for...

Read more

Determining the correct number of child processes for PHP-FPM

Optimize PHP-FPM child processes to prevent downtime and performance issues. Learn how to configure them efficiently with this guide.

Read more

Buy an SSL certificate? What is an SSL certificate?

Find out what an SSL certificate is, why it is essential for site security and how easy buying an SSL...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Kinamo

Select your language

All languages: