Determine if visitor connected over SSL on CloudFl

2019-03-18 16:25发布

问题:

We have a site running on CloudFlare Pro that uses their supplied certificate for one-click encryption. Our site has "optional" SSL for users. As it's a forum, we currently run a proxy script that detects if a posted image is not using a HTTPS protocol and automatically proxies the image through a script running on our server to maintain security and our lovely green lock!

My only issue now is that this introduces unnecessary load on our servers when users aren't using HTTPS so we would like to be able to detect if they are or are not. However, as the CloudFlare server is actually connecting to ours no matter what over HTTP (because we are using one-click SSL on CloudFlare) our PHP script always reports HTTP and never proxies the images even when the user is using HTTPS. Is there a way to get CloudFlare to report the user is using SSL?

回答1:

Found my answer, they send a header X-FORWARDED-PROTO. It's https for SSL and http for normal!