Moodle on non standard port and HTTPS login

Moodle on non standard port and HTTPS login

Panagiotis Petasis -
Erantzun kopurua: 15
A customer of mine requires that I install Moodle on a non standard port(http://example.com:81). Moodle worked fine until the moment he requested that I enable HTTPS login. The Apache SSL installation works fine but most Moodle https links are broken. Moodle when redirecting to a HTTPS page replaces http:// with https:// . That works fine when using port 80 but when using port 81 the URL becomes https://example.com:81 which of course does not work.
I think there was an attempt to correct that by introducing variable CFG->httpswwwroot but that variable is not correctly set or not used everywhere in Moodle code.

I have thought the following solutions
1. Use Apache mod_rewrite to strip :81 from https urls
2. Try setting $CFG->wwwroot to something like "http://".$_SERVER["HTTP_HOST"]."/";
3. Use iptables port redirection so that port 81 is redirected to port 80 and Apache listens on port 80.
4. Modify Moodle code in every page that http:// is replaced with https:// I guess that is a lot of work and I could miss some pages so I will leave that as a last try.
I am currently working on solution 1 but with no luck yet.

I use Moodle 1.9.9, Apache 2.2, PHP 5.1.6, MySQL 5.0 on CentOS Linux 5
I would appreciate any suggestions smile

Puntuazioen batez bestekoa: -
Panagiotis Petasis(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Colin Fraser -

From memory, which is getting like a sieve...

First forget :81 You have a lot more ports open than that.

Add to the etc/apache/ports.conf file an additional Listen directive

Listen 80
Listen 1139 


You may have to use something like
Listen 192.168.1.12:1139
for a Linux server.
You may have to check the configuration but I think there is also a https port as well

Alternatively, you may want to find out about Apache-SSL that may have a bearing.

Puntuazioen batez bestekoa: -
Colin Fraser(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Panagiotis Petasis -
Colin

first of all thanks for your reply.
I think that the problem is not the configuration but the way different parts of the Moodle code are writen. Most parts just replace the http:// from the wwwroot variable with https://
This creates links like https://example.com:81/ Both https:// and :81 in the url gives error.
Puntuazioen batez bestekoa: -
Panagiotis Petasis(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Howard Miller -
Core developers-ren irudia Documentation writers-ren irudia Particularly helpful Moodlers-ren irudia Peer reviewers-ren irudia Plugin developers-ren irudia
I feel some confusion here - but I'm not sure what you are trying to achieve. What port ARE you listening for HTTPS on? You CAN'T have http and https on the same port - they are entirely different protocols (before we go any further).

Moodle won't work out the https URL correctly if a port is used in wwwroot.. it doesn't work. The place you want to look is the httpsrequired() function is lib/moodlelib.php. You might have to bodge that so that $CFG->httpswwwroot ends up being correct. I think that would be easiest.

The only place you *should* be using https is for logins. There is no benefit in running the whole site under SSL and, worse, it'll just run really slowly. However, if you must, it is nothing to do with Moodle really. Just set wwwroot to include https and then set up a rewrite to change http to https in Apache.
Puntuazioen batez bestekoa: -
Howard Miller(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Panagiotis Petasis -
To clear some things
1. HTTP is on port 81 and HTTPS on port 443
2. I am not trying to run the whole site over SSL just the login

Moodle won't work out the https URL correctly if a port is used in wwwroot.. it doesn't work.
That exactly is what i am trying to make work correctly.
I have tried setting the $CFG->httpswwwroot but it does not correct things.
Code does not use the $CFG->httpswwwroot variable. For example the Login Block does not use $CFG->httpswwwroot but replaces http:// with https:// The logedinas that apears on the theme footer and header does not use $CFG->httpswwwroot . Maybe there are numerous points in code where this happens.

My initial question was if there is some way to achieve it with changing Moodle code.
If i end up changing Moodle code do you have an estimate how many parts do i have to change?

Thanks again
Puntuazioen batez bestekoa: -
Panagiotis Petasis(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Howard Miller -
Core developers-ren irudia Documentation writers-ren irudia Particularly helpful Moodlers-ren irudia Peer reviewers-ren irudia Plugin developers-ren irudia
Firstly, I would not recommend using the login block if you are using secure login as it isn't really secure.

Hacking the code in moodlelib.php (that I pointed out) should get the login/index.php working.

I'm unsure why you would want https to appear anywhere else (e.g. logged in as in the header/footer).
Puntuazioen batez bestekoa: -
Howard Miller(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Panagiotis Petasis -
Hacking Moodle code is an option but i dont know how much work it involves. I believe that hacking moodlelib.php is not enough and there are other parts of the Moodle code that fail to work.
I dont want https to appear somewhere specific but it comes up in other parts of the code apart from the login page.
For example
1. In the header and or the footer there is a message "You are logged in as Panagiotis Petasis (Logout). If you are not logged in, the message is "You are not logged in. (Login)"
The Login is a link to the login page that is broken https://example.com:81/login/index.php
2. The theme in the login page does not show correctly because all the autogenerated includes in the theme use links like <link rel="stylesheet" type="text/css" href="https://example.com:81/theme/standard/styles.php" /> that dont work.

These are 2 problems i have noticed but there may be others. I think hacking moodlelib.php wont correct these easily and others may appear in different parts of the code. That is the reason i was trying to come up with a solution that would not involve hacking Moodle code.



Puntuazioen batez bestekoa: -
Panagiotis Petasis(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Howard Miller -
Core developers-ren irudia Documentation writers-ren irudia Particularly helpful Moodlers-ren irudia Peer reviewers-ren irudia Plugin developers-ren irudia
Hmmm....

Looking at the code and thinking about it, I would imagine that Moodle actually needs some work to support this properly. I can't see that you'll get this working without making some code changes.

I'm sure that there has been some discussion about this before but (of course) I can't find it now.
Puntuazioen batez bestekoa: -
Howard Miller(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Panagiotis Petasis -
I am trying to solve the problem using Apache mod_rewrite.
When i have a working solution i will post it here.
Puntuazioen batez bestekoa: -
Panagiotis Petasis(e)ri erantzunda

Foroko mezu hau ezabatua izan da.

Foroko mezu honetako edukiak ezabatuak izan dira eta ez daude eskuragarri.
Ezabatutako erabiltzailea(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Panagiotis Petasis -
I think Moodle running entirely over SSL is no problem even when using non standard ports. The combination Moodle on non standard port and Enable HTTPS login creates the problem as all the https:// links created are broken as they contain the port number.
https://example.com:81/ is not a valid link as it contains the port number although it should not.

Not using Port 80 is a choice made by the network administrator of the customer and i don't know the reasons. I do know it is difficult to change their decision.
Puntuazioen batez bestekoa: -
Panagiotis Petasis(e)ri erantzunda

Foroko mezu hau ezabatua izan da.

Foroko mezu honetako edukiak ezabatuak izan dira eta ez daude eskuragarri.
Ezabatutako erabiltzailea(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

Howard Miller -
Core developers-ren irudia Documentation writers-ren irudia Particularly helpful Moodlers-ren irudia Peer reviewers-ren irudia Plugin developers-ren irudia
I have to be careful not to be mis-represented here but I personally would not store information in Moodle of such a nature where I felt I needed to secure the whole site with SSL.

All the loginhttps is doing is to force the login page to have https: at the front of the URL. What you are doing is forcing the whole of the site to have https: at the front of the URL (in your web server presumably) which makes loginhttps redundant.

I have never understood what information you might want to store in Moodle that needs encrypted "over the wire" (as apposed to being secured by a decent username/password or not there in the first place) other than the login credentials.
Puntuazioen batez bestekoa: -
Howard Miller(e)ri erantzunda

Foroko mezu hau ezabatua izan da.

Foroko mezu honetako edukiak ezabatuak izan dira eta ez daude eskuragarri.
Ezabatutako erabiltzailea(e)ri erantzunda

Foroko mezu hau ezabatua izan da.

Foroko mezu honetako edukiak ezabatuak izan dira eta ez daude eskuragarri.
Panagiotis Petasis(e)ri erantzunda

Re: Moodle on non standard port and HTTPS login

karthick s -

Hi All,

My system IP got changed from 10.18.19.170 to 10.18.53.46, I modifed the IP in config.php file and launch the page like this http://10.18.53.46/index.php , it took longtime to come up, page displayed but none of the images, files are not dispalyed.

When i check the property of the image its still showing http://10.18.19.170/**** like this.

What should i do now.

I try to launch replace.php like this http://10.18.53.46/admin/replace.php but it displaying page cannot be dispalyed, i need to do anythign for that, all the pages are referiing to my old IP, 10.18.19.170.

Its very urgent ot me, plz help me as soon as possible.

Thanks in Advance

Karthick.S

Puntuazioen batez bestekoa: -