Change to ssl-proxy

Support & Bugs
1

i have piwik 1.9 on a hosteurope server. i activate ssl-proxy and want to use for my piwik login.

i have added


[General]
assume_secure_protocol = 1

to the config.ini.php.

if i want to login with https://ssl.webpack.de/piwik.mydomain.com/ i get the error:

Form security failed. Please reload the form and check that your cookies are enabled. If you use a proxy server, you must configure Piwik to accept the proxy header that forwards the Host header. Also, check that your Referer header is sent correctly.

if i have assume_secure_protocol = 1 i can login with http but the piwiklogo don’t load. the uncorrect path in sourcecode is https://piwik.mydomain.com/themes/default/images/logo-header.png

how can i resolve this problem?

2

Unless https://ssl.webpack.de/piwik.mydomain.com/ forwards to http://ssl.webpack.de/piwik.mydomain.com/, then you need to also set proxy_host_headers[].

3

sorry, i’m a newbie with ssl-proxy.

for example my homepage is mydomain.com and piwik is then piwik.mydomain.com
for analytics i want to use http and for login i want to use https.

in my config.ini.php i need the lines


[General]
assume_secure_protocol = 1
proxy_host_headers[] =

and for proxy_host_headers[]?
http://ssl.webpack.de/piwik.mydomain.com/, https://ssl.webpack.de/piwik.mydomain.com/ and piwik.mydomain.com dosn’t work.
or i need the ip-adress from proxy server?

4

Is there a solution out there?
HostEurope webpacks are adding ‘ssl.webpack.de/’ in front of nonsecured pages:

http://mypage.test will become https://ssl.webpack.de/mypage.test .

How to configure Piwik even for secure login to admin page?
(Main goal: Login password should be transmitted NOT in clear text even with http:// connection…)

FAQ’s regading this problem are:
http://piwik.org/faq/how-to/#faq_91
http://piwik.org/faq/how-to-install/#faq_98

(Tracking secure and unsecure pages can be done by modifying js code. HowTo is shown here.)

5

Is there a solution out there?
HostEurope webpacks are adding ‘ssl.webpack.de/’ in front of nonsecured pages:

http://mypage.test will become https://ssl.webpack.de/mypage.test .

How to configure Piwik even for secure login to admin page?
(Main goal: Login password should be transmitted NOT in clear text even with http:// connection…)

FAQ’s regading this problem are:
http://piwik.org/faq/how-to/#faq_91
http://piwik.org/faq/how-to-install/#faq_98

(Tracking secure and unsecure page can be done by modifying js code. HowTo is shown here.)