Page 1 of 1

What do you know about SSL Proxies?

Posted: Sun Sep 11, 2011 12:57 am
by flying_circus
Here I am, thinking I'm super clever, and then I discover SSL Proxies...

Consider the following URI, where example.org is my domain name:
https://ssl.perfora.net/example.org/phpinfo.php.

Looking at this link, I would expect it to return on port 443 and HTTPS to be 'on' or 1. Instead, it returns port 80 and a bunch of FORWARDED_FOR headers.

HTTP_X_FORWARDED_BY United Internet SSL Proxy
HTTP_X_FORWARDED_FOR 97.120.196.113
HTTP_X_FORWARDED_HOST ssl.perfora.net
HTTP_X_FORWARDED_SERVER ssl.perfora.net

Am I understanding this correctly as 1-way only, encrypted transmission?

Is this common webhost behaviour? I almost feel like 1and1 is taking me for a ride by providing as little as possible to encourage me to purchase an SSL cert from them, nevermind I purchased their "Business" hosting. This is the first time I have run across this.

I have spent days refactoring my code to support, SSL, Shared SSL, or No SSL, and now here comes a wrench.

I have access to a bluehost account, so I will try their server tomorrow and see if I get similar results.

Have you encountered this before?

Edit: Bluehost uses a Shared SSL, not a proxy, and results are as I expected.