Blog

Category: Server
Hits: 1742

After upgrade a Mac server to OS X 10.10.5 with Server 5.0.15, I run into an issue that the Joomla sites hosted there no longer functioned properly. The SEF (Search Engine Friendly) URL had to be turned off to get the site to work at all. Some call (clicks) get to the site, some would result in the correct URL but to port 80. The access log produces first a 303 apache error code, followed by apache 404, because the we browser tried to access the port 80 for that URL which did not exists. This was especially a problem for the back-end functionally of joomla. (../administrator/index.php)

The solution 1)  can be done using the OS X server GUI. Create an other website with the same URL on port 80. Now click 'Redirect' and select 'When users visit:' & ' This Website'. 'Redirect them to:' Select the SSL version of your website. 

The site now functions as expected, including the SEF. I still get the 303 results in that access.log, but now the are followed with a slightly different URL resulting a 302 and a 200. 
Update: The browser gives a warning that the user is submitting a insecure form.

The solution 2) Inded when we look a the raw browser code we see that joomla produces in ln 33 <base href="http://www.mysite.com/index.php/" /> (Note not https://) Not good. After some digging I find that the file in /libraries/joomla/environment/uri.php does a test to see if runs on a https site:

if(isset($_SERVER['HTTPS'])&&!empty($_SERVER['HTTPS'])&&(strtolower($_SERVER['HTTPS'])!= 'off')) 

This test fails as OS X now uses a load balances and $_SERVER['HTTPS'] is not defined. Include a test on an other variable like the port number $_SERVER['SERVER_PORT']==443 .

 if(isset($_SERVER['HTTPS'])&&!empty($_SERVER['HTTPS'])&&(strtolower($_SERVER['HTTPS'])!= 'off')||$_SERVER['SERVER_PORT']==443)

It turns out that because of the Load Balancer, which handles the SSL encryption/decryption the Web Server doesn't get $_SERVER["HTTPS"], but $_SERVER["HTTP_USESSL"] is set and can be used as a flash for SSL traffic. So you could test for  $_SERVER["HTTP_USESSL"] but I did not try that yet. 

I hope this helps you.