Tags pour la question fréquent:
PHP SSL

Aidez-nous par évaluer cet article

Score de 3, basé sur 2 votes

Comment detecter du traffic SSL sur le plateforme d'hébergement mutualisé Kinamo

Dernière mise à jour: 26/04/2016

The Kinamo web hosting platform allows you to use several types of SSL certificates.

The shared web hosting platform uses load balancers to spread the server requests on several webserver nodes (this to obtain a higher degree of redundancy and to ensure a stable PHP hosting platform).

On the Kinamo shared hosting platform, certificates are installed on the load balancers and traffic is being SSL offloaded to webserver nodes underneath.
What is the impact for you as a developer: the connections on the website will always be standard HTTP traffic (in other words everything arrives at port 80 and is not encrypted) since the load balancers have the task of decrypting traffic (hence the name "SSL offloading").

Often, an application requires you to check whether the visitor arrived through HTTPS on the website, and if this was not the case the visitor has to be redirected to the HTTPS website. On a standard webserver this imposes no problem and it can be achieved with simple PHP code by detecting whether the port on which the visitor arrived was port 80 (normal HTTP traffic) or port 443 (HTTPS traffic), or if the protocol being used was HTTP or HTTPS. On the Kinamo shared hosting platform this will not work because of the reason explained above (SSL offloading).
To solve this problem we have added two addiitonal headers. Based on these headers you may check whether the visitor arrived through HTTPS or not:

$_SERVER["HTTP_X_FORWARDED_PORT"]

This header will tell you the port on which the visitor arrived: in case of HTTPS it is 443, in case of normal HTTP traffic it is 80.

$_SERVER["HTTP_X_FORWARDED_PROTO"]

This header gives you the protocol on which the visitor traffic arrived, HTTPS or HTTP.

The simple example below shows you how you may detect by port or protocol whether someone arrived the correct way, if this is not the case, the visitor will be redirected to the correct URL.
Attention, this code ONLY works on the Kinamo hosting platform! For standard PHP, other server headers are used!

if ($_SERVER['HTTP_X_FORWARDED_PORT'] != 443 || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https')
{
    $redirect = "Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header( $redirect, true, 301 );
    exit(0);
}

Happy coding!