How to detect reverse proxy and SSL frontend

ap edited this page Nov 9, 2011 · 4 revisions

Short answer: use Plack::Middleware::ReverseProxy and configure frontend accordingly to set X-Forwarded-* headers

You can enable ReverseProxy middleware to detect the frontend proxy configured headers, like the forwarded client's IP and ports. Plack::Request by default uses HTTP_HOST as well as psgi.url_scheme environment variable to construct the URL, so using ReverseProxy middleware makes it possible to make your application aware that it is running behind the frontend proxy, and if configured, uses https instead of http when building a URL.

Then you have to configure frontend proxy such as lighttpd, Apache mod_proxy, perlbal, nginx etc. to set appropriate headers, such as:

  • X-Forwarded-For (downstream client IP Address)
  • X-Forwarded-HTTPS (whether it is listening on SSL)
  • X-Forwarded-Proto (HTTP or HTTPS)
  • X-Forwarded-Host (which hostname it binds on, if it should be different from Host: header)
  • X-Forwarded-Port (which port the server listens on, if it's not included in Host: header)