Drupal, Traffic Server, HTTPS and CDNs

I use Drupal for most of my sites. It generally works well, despite all the weirdness it does (Drupal 7 is doing strange things behind a proxy, more later). One thing is, I've started using a CDN (NetDNA) for my site. With HTTPS, this generally doesn't work well, since I'm not enabling HTTPS for the CDN (at least not yet). The CDN module in Drupal generally works well, but I couldn't see an option to prevent it from using the CDN with HTTPS. This would generate those annoying warnings from Internet Explorer for example.

Since I'm also using an Apache Traffic Server proxy in front of Apache HTTPD, the protocol information was lost oncey it hit Apache, PHP and Drupal. Bummer. I browsed through the CDN code, and noticed they do indeed honor a header of X-Forwarded-Proto, which if set to "https" will prevent the CDN from being used. I added a plugin for my remap rules, with a config like

[SEND_REQUEST_HDR]
        X-Forwarded-Proto =https=

And I activated this for the https remap.config rules for Apache Traffic Server. With this, my Drupal site now stops using the CDN when Apache Traffic Server maps from https:// to the http://localhost URL.

Hacking: 

Comments

Re: Drupal, Traffic Server, HTTPS and CDNs

Certainly, I have this in remap.config:

map https://www.ogre.com http://www.ogre.com:82 @plugin=header_filter.so @pparam=/home/server/etc/ssl-header.conf

where ssl-header.conf is

[SEND_REQUEST_HDR]
    X-Forwarded-Proto =https=

Re: Drupal, Traffic Server, HTTPS and CDNs

When using the header_filter.so plugin, also remember to add it to the plugin.config config file. This plugin is unusual in that it's both a global hook, and a remap plugin, so it needs to be in both places (at least if you use any other hooks other than read-request-header).