1

In Contao 3.5.9

I have uploaded to new server and am using a different domain from the original installation. I am also using https://

Many of the resources needed are not being loaded because the system has the base url set to http:// It is using the correct domain name in the base url, but the wrong protocol.

I cannot login to the admin.

I searched Google (not much there about Contao) and found this: http://blog.qzminski.com/article/move-the-contao-to-another-server.html

reading it, it seems that the base url is set in the admin, which means it can be found somewhere in the db.

I have search the DB dump but cannot find it.

How can I change the protocol of the base url?

Jez D
  • 1,461
  • 2
  • 25
  • 52
  • If you are accessing the website via `https://` then the base href should also contain `https://`, as well as any other absolute links for that domain. Did you clear the internal cache and the page cache after moving the installation to a new domain? Do you maybe have any custom templates that use absolute links without `https`? – fritzmg Apr 21 '16 at 15:45
  • You don't have to specify the protocol, you can use // instead. That will use the same protocol of the page. The problem is that my base url is set somewhere as `http://`sub.domain.com and I want to change it. – Jez D Apr 21 '16 at 18:47

1 Answers1

7

Contao uses the following to determine whether the current request is done via SSL or not » \Environment::get('ssl'):

/**
 * Return true if the current page was requested via an SSL connection
 *
 * @return boolean True if SSL is enabled
 */
protected static function ssl()
{
    return ($_SERVER['SSL_SESSION_ID'] || $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1);
}

It is possible that your server environment does not set either of these $_SERVER globals. This can be the case if you are using an SSL proxy for example.

If that is the case for you, then you can extend the SSL detection by inserting

if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && 'https' === $_SERVER['HTTP_X_FORWARDED_PROTO']) 
{
    $_SERVER['HTTPS'] = 1;
}

into your /system/config/initconfig.php. See https://github.com/contao/core/issues/7542 for example (only German though).

fritzmg
  • 2,494
  • 3
  • 21
  • 51
  • 1
    Interesting. I am not using Cloudflare, but am using AWS ELB's. So, I guess the solution is the same. – Jez D Apr 25 '16 at 07:41
  • Yep, it's the same there. However, keep in mind that any such SSL connections are not truly end-to-end encrypted. Only the connection between you (the client) and the load balancer is encrypted in this case. – fritzmg Apr 25 '16 at 07:56
  • As I am also hosting on AWS, so not too fussed about that :-) – Jez D Apr 27 '16 at 13:54