Snippet for forcing HTTPS when behind a proxy.

2018-11-08 13:39:40 +01:00 · 2015-02-09 09:47:05 -05:00 · 2015-02-09 09:47:05 -05:00 · a4652d9528
commit a4652d9528
parent 424cf96c54
1 changed files with 9 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -11,6 +11,7 @@ A collection of useful .htaccess snippets, all in one place. I decided to create
    - [Force www in a Generic Way](#force-www-in-a-generic-way)
    - [Force non-www](#force-non-www)
    - [Force HTTPS](#force-https)
+    - [Force HTTPS Behind Proxy](#force-https-behind-proxy)
    - [Force Trailing Slash](#force-trailing-slash)
    - [Redirect a Single Page](#redirect-a-single-page)
    - [Redirect an Entire Site](#redirect-an-entire-site)
@ -69,6 +70,13 @@ RewriteCond %{HTTPS} !on
 RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
 ```

+### Force HTTPS Behind Proxy
+Useful if you have a proxy in front of your server performing TLS termination.
+``` apacheconf
+RewriteCond %{HTTP:X-Forwarded-Proto} !https
+RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
+```
+
 ### Force Trailing Slash
 ``` apacheconf
 RewriteCond %{REQUEST_URI} /+[^\.]+$
@ -335,4 +343,4 @@ AddDefaultCharset utf-8
 # Force UTF-8 for a number of file formats
 AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
 ```
-[Source](http://h5bp.com)
+[Source](http://h5bp.com)