HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Search
-
Re: (WIP) notes on scaling Vanilla on AWS EC2
@Linc can you elaborate on why this isn't an appropriate solution? Just because it's a vendor-specific header? An alternative would be, in .htaccess: SetEnvIf cloudfront-forwarded-proto https HTTPS=on I thought adding it to class.request.php would be more appropriate, as that's where other forwarding headers are being… -
Re: (WIP) notes on scaling Vanilla on AWS EC2
I've asked our ops team for more information about this, since we must do something similar with our loadbalancers. The correct way to do this is for the intercepting servers to set the X-Forwarded-Proto header, which should in turn set a HTTP_X_FORWARDED_PROTO server variable to https in your server config, which is what… -
Re: (WIP) notes on scaling Vanilla on AWS EC2
-
Re: (WIP) notes on scaling Vanilla on AWS EC2
One issue I've encountered so far is that if I terminate SSL at the Cloudfront layer, it's not picked up in PHP. This leads to the forum writing links starting with http:// instead of https://. The root cause here is that Cloudfront reports SSL state using a custom header, CLOUDFRONT_FORWARDED_PROTO. To get around this,… -
Re: (WIP) notes on scaling Vanilla on AWS EC2
-
Re: (WIP) notes on scaling Vanilla on AWS EC2
Yes, it's primarily because we don't want vendor-specific kludges in core. I'd at least wanna see a hook put in place where an addon could handle this for AWS sites. I can't think of a way to exploit switching the scheme by setting that header but putting conditions like that in core is a good way to start making things…
6 results