Problem with SSL behind Web Application firewall

Problem with SSL behind Web Application firewall

by Will Snow -
Number of replies: 6
Hello


Im Running Moodle 3.1 on a Apache2 webserver behind a Web Application firewall that forces all requests to a HTTPS connection. The connection between the Firewall and the Webserver however is unencrypted over HTTP as it is not neccesary in the safe network. 

Now if i try to reach the moodle over the https connection via the Firewall, it gives out the error that a HTTPS connection should be used to contact the Server.  

Reconfigureing both the Webserver and Firewall has led to even more Problems

Now my question is as follows: 

Is there any way of disabling this check as the firewall forces the https connection anyhow?


Thanks in advance

Will


Average of ratings: -
In reply to Will Snow

Re: Problem with SSL behind Web Application firewall

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers

I'm unsure from your description what "check" you are talking about. Is this an error message from Moodle, and if so, what *exactly* is the message?

Are you running Moodle in https 'mode'?

Average of ratings: -
In reply to Howard Miller

Re: Problem with SSL behind Web Application firewall

by Will Snow -

I set the $CFG->wwwroot to "https://...:"


The Message is as follows:

For security reasons only https connections are allowed, sorry.


IT comes up when i try to open the page.


Thanks



Average of ratings: -
In reply to Will Snow

Re: Problem with SSL behind Web Application firewall

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers

I'm thinking you might need to enable one or both of these options in your config.php...

// Enable when setting up advanced reverse proxy load balancing configurations,
// it may be also necessary to enable this when using port forwarding.
//      $CFG->reverseproxy = true;
//
// Enable when using external SSL appliance for performance reasons.
// Please note that site may be accessible via http: or https:, but not both!
//      $CFG->sslproxy = true;
Average of ratings: -
In reply to Howard Miller

Re: Problem with SSL behind Web Application firewall

by Christophe Temler -

Hi,

i am having the same problem.

playing with the parmater

$CFG->reverseproxy=true;

$CFG->sslproxy=true;

in the config file doesn-t help. did you find a solution?

Average of ratings: -
In reply to Christophe Temler

Re: Problem with SSL behind Web Application firewall

by Emma Richardson -
Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Plugin developers

Have you updated your database to reflect the URL change? This error shows up when you are trying to go to a non https version of the page.

Average of ratings: -
In reply to Christophe Temler

Re: Problem with SSL behind Web Application firewall

by Will Snow -

I didnt find a way to change the config of Moodle..... I found that the Apache wasn't configured correctly which stoped the SSL comunication between the firewall and the webserver. After I fixed that error Moodle stoped asking for a ssl connection and moodled started working.

Average of ratings: -