Forum OpenACS Development: Re: Issues with site-wide SSL configuration
We got NGINX running in our test environment. Listening on port 80 and 443 with the AOLServer back-end listening on 8080. Installation and setup was straight forward.
The one thing we noticed was that our code uses [ad_conn location] for navigation links and we were getting the backend port (8080) in our links. To address this, we pulled some procs from a newer version of ACS (util::split_location and ns_parseurl) and added code in ad_conn to handle getting the location without the port number.
I noticed that in the version of ACS where we pulled the procs from, that this would be handled by a utility proc (util_current_location) and not in ad_conn directly. Should we be concerned about adding this to ad_conn?
I believe you can fix this issue by setting the following parameter
proxy_set_header X-Forwarded-For $remote_addr;
in the server section of your Nginx configuration file.
Try to google how to use the 'X-Forwarded-For' parameter in some Nginx configuration examples.
Hope it helps,
Current OpenACS has the commands (see ) for handling such cases:
- [ad_conn peeraddr]
- [ad_conn behind_proxy_p]
- [ad_conn behind_secure_proxy_p]
Check out the source code of current OpenACS, when something special have to be done in the reverse proxy cases, some of these might not be relevant for you.