force_ssl_login produces redirect chain #2073

anonymous-piwik-user · 2011-02-07T23:54:23Z

I am running piwik on nginx with php-fpm and I have configured a vhost for port 80 and one for 443. Both work just fine and I am able to login and use piwik via https.

However if I enable "force_ssl_login" Safari throws a "Too many redirects" error.

When using curl -k -v https://my-host.com/ I'm getting another
HTTP/1.1 302 Moved Temporarily
Location: https://my-host.com/

Is there maybe a header that is missing like X-FORWARDED-PROTO?
Keywords: ssl

anonymous-piwik-user · 2011-02-07T23:57:34Z

Hmm, forget the last line - that header should only be relevant in proxy setups

robocoder · 2011-02-08T00:07:33Z

Your nginx configuration doesn't appear to set the HTTPS environment variable (which PHP looks for in $_SERVER['HTTPS']). Add this to your nginx config:

fastcgi_param HTTPS on;

anonymous-piwik-user · 2011-02-08T08:28:24Z

Thank you! That helped!

mattab · 2014-02-11T04:01:50Z

how do I force Piwik to use SSL for more security?

anonymous-piwik-user added this to the Piwik 1.2 milestone Jul 8, 2014

anonymous-piwik-user added T: Bug labels Jul 8, 2014

mattab added the R: worksforme label Aug 3, 2014

This issue was closed.

matomo-org / matomo

force_ssl_login produces redirect chain #2073

force_ssl_login produces redirect chain #2073

anonymous-piwik-user commented Feb 7, 2011

anonymous-piwik-user commented Feb 7, 2011

robocoder commented Feb 8, 2011

anonymous-piwik-user commented Feb 8, 2011

mattab commented Feb 11, 2014

matomo-org / matomo

Sponsor matomo-org/matomo

force_ssl_login produces redirect chain #2073

force_ssl_login produces redirect chain #2073

Comments

anonymous-piwik-user commented Feb 7, 2011

anonymous-piwik-user commented Feb 7, 2011

robocoder commented Feb 8, 2011

anonymous-piwik-user commented Feb 8, 2011

mattab commented Feb 11, 2014