DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.

Mixed-content errors when using reverse proxy with SSL

Sort:
You are not authorized to post a reply.





New Around Here





    One of our customers has a DNN site that is behind a reverse proxy server. The communication is like this:

    User -> Reverse Proxy (HTTPS Apache) -> DNN (HTTP IIS)

    Since we activated the reverse proxy the popups on the site stopped working because of the mixed-content error on the browser.

    At first, we perceived that this was happening to some custom modules popups. We couldn't find the code where it would call the DNN popup and pass the URL to change it from HTTP to HTTPS, so we did a little hack in js/dnn.modalpopup.js to replace "http" with "https" in the URL string.

    That worked, but then we noticed that it was also happening to some official parts of DNN, like when we try to create a user (it is through a popup) and click on Submit, it will freeze with the loading spinning, but the console complains about mixed-content again. The funny thing is that the user is created, it just can't get out of the popup after it saves.

    We tried enabling SSL in host setting and enforcing SSL, but that causes some pages to not load with TOO_MANY_REDIRECTS error. It is worth mentioning that we don't have any URL rewrite enabled on IIS.

    We also tried to set IsSecure in all records in Tabs table, but that caused the site to not load at all with the error TOO_MANY_REDIRECTS.

    You are not authorized to post a reply.

    These Forums are dedicated to the discussion of DNN Platform.

    For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

    1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
    2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
    3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
    4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
    5. No Flaming or Trolling.
    6. No Profanity, Racism, or Prejudice.
    7. Site Moderators have the final word on approving / removing a thread or post or comment.
    8. English language posting only, please.

    Would you like to help us?

    Awesome! Simply post in the forums using the link below and we'll get you started.

    Get Involved