I have a Symfony 2 website that either runs on HTTP in development or on HTTPS in production.
I noticed that in production the URL's generated by Symfony are still all rendered as HTTP.
How can I either;
- Let the framework adopt the current protocol from which the website is served (probably preferred)?
- Or, force the entire website in HTTPS mode only in production?
I used this solution to force HTTP or HTTPS:
I defined a
%auth_required_channel%
value in the different environments configuration files:app/config/config_dev.yml and app/config/config_test.yml
app/config/config_prod.yml
app/config/security.yml
This parameter is then used to require the HTTP or HTTPS channel (Symfony2 documentation):
(adapted from an old answer)
Assuming this case :
REMOTE_ADDR
(i.e withmod_rpaf
apache extension) (of course in this case you can't usetrusted_proxies
value)You can set HTTPS environment variable in your webserver, indexed on X-FORWARDED-PROTO header value, to force Symfony to use https protocol.
In Apache :
To force
HTTPS
in your production environment you can use the following configuration:In your
app/config/routing.yml
:In your add
app/config/routing_dev.yml
:if you want to force
HTTP
for all your routes in development environment.And in your
@AcmeHelloBundle/Resources/config/routing.yml
you can place all your routes.For more information about
schemes: [https]
and other ways to make it work you can look at Symfony documentation.Both solutions given by @A.L and @AndreySobkanyuk are valid, but don't apply to the issue I was experiencing.
The problem with both solutions given by @A.L and @AndreySobkanyuk is that Symfony 2 is trying to do a redirect. I.e. if a URL is accessed through a protocol (e.g. HTTP) which in the routing config is specified differently (e.g. HTTPS), Symfony 2 will do a redirect (at a PHP level).
In my situation, the URL rewriting happens at a web server level (Apache) because my website serves all URL's as HTTPS.
The problem I was dealing with was that the URL's generated in my templates were all rendered using the HTTP protocol were they should have been HTTPS. I was assuming that there was a way to tell Symfony that whenever it renders a URL to prefix it with HTTPS instead of HTTP. Unfortunately, there isn't (or at least, not that I'm aware off).
Since my website is running behind a load balancer, my web server wasn't aware that it should render URL's as HTTPS because the internal connection between the load balancer and the web server is HTTP. This means that from Symfony's point of view, all requests are made using HTTP and by forcing the protocol on a Symfony routing level, it was causing an infinite redirect loop, i.e;
To solve my problem I had to make my web server aware of the fact that my website runs in HTTPS. By following the instructions given on the How to Configure Symfony to Work behind a Load Balancer or a Reverse Proxy page I as able to fix the problem, i.e. my web server is now being supplied with the correct header information and is now generating the correct URL's.
The easiest way to pass on the required headers from the load balancer to the web server is to add the following line to your
web/app.php
:Beware, that the above might not be the best solution for your specific configuration. Please refer to the documentation for other approaches that might be more suitable for your set up.
I found this useful for my case (using nginx)
add to nginx fcgi params the following line, This is needed because Symfony2 relies on this variable, passed by the web server to PHP, to generate the correct URL. Apache does this by default, but nginx needs this special config.
fastcgi_param HTTPS on;
http://blog.servergrove.com/2011/04/04/symfony2-quick-tip-generateurl-with-https-on-nginx/