[CentOS] Off Topic - SSL reverse proxy and Mixed Content
Gordon Messmer
gordon.messmer at gmail.com
Tue Oct 6 06:46:22 UTC 2015
On 09/30/2015 08:22 PM, Clint Dilks wrote:
> I have a site that I want to work behind a reverse proxy (httpd) if using
> http:// everything works as expected. If using https:// some content is
> displayed but some content is blocked because of stylesheets and etc being
> requested via http rather https.
>
> I know that the long term solution should be to get all code changed so
> that it references
> //myserver/resource or /resource rather than http://myserver/resource but
> is there anything I can do with httpd to get this working until these
> changes are made ?
I don't think so. It sounds like the "block" you're describing is
client-side. Your browser, by default, may block mixed content.
Otherwise, if you have working reverse proxies for http and https, there
shouldn't be a problem.
> Thanks for any suggestions. Below is my current VirtualHost config
>
> ProxyRequests On
> ProxyPreserveHost On
> ProxyTimeout 300
> <Proxy *>
> Order allow,deny
> Allow from all
> </Proxy>
That is a severe security problem. In a reverse proxy setup,
ProxyRequests should be off, and the Proxy allow/deny section isn't
needed at all.
More information about the CentOS
mailing list