SSL proxy redirects to root at login

as suggested I added this to the config.ini.php file:

; Uncomment line below if you use a standard proxy
proxy_client_headers[] = HTTP_X_FORWARDED_FOR
proxy_host_headers[] = HTTP_X_FORWARDED_HOST

; Uncomment line below if you use CloudFlare
proxy_client_headers[] = HTTP_CF_CONNECTING_IP

; Uncomment line below if you use another proxy (that sets Client-IP header)
proxy_client_headers[] = HTTP_CLIENT_IP

but now after login from https://www.mysite.com/piwik/ I get redirected to https://www.mysite.com/

How can I fix this?

I don’t know how to fix your problem but that code looks wrong. From the comments you should only uncomment one of those blocks (Not all three).

Valdhor - excellent point! Thanks for your note.

The problem still persist if using just this:

proxy_client_headers[] = "HTTP_X_FORWARDED_FOR"
proxy_host_headers[] = "HTTP_X_FORWARDED_HOST"

And if using just this:

proxy_client_headers[] = HTTP_CLIENT_IP

or just:

proxy_client_headers[] = HTTP_CF_CONNECTING_IP

my proxy it not working.

A stab in the dark:

In your config.ini.php file add the following:

login_logout_url = https://www.mysite.com/piwik/

Good stab … but it did not work. I tried

login_logout_url = https://www.mydomain.com/piwik/

and

login_logout_url = "https://www.mydomain.com/piwik/"

It really only controls where the redirect of the exit should go.

Annoying. The only thing I can think of is that you must have a redirect in your HTTPS configuration. Do you use Apache? Do you have a separate SSL configuration or is it in the httpd.conf file? Do you have an htaccess policy or file in that directory? If you’re not using Apache I can’t really help any more.

Yes I use Apache and IIS, but Apache is in the front. And I use Apache to host Piwik.
Over all it is not such a big deal, I just need to click back on the browser to get logged in passed the Login Screen, and I am inside the Piwik App.

httpd-ssl.conf has the following entry:

<IfModule mod_proxy.c>    
  ProxyRequests Off	
  ...
  ProxyPass         /piwik/   http://192.168.1.104:8080/
  ProxyPassReverse  /piwik/   http://192.168.1.104:8080/
  ...
  RewriteRule ^(.+)$  https://www.myserver.com/$1 [P,L]
</IfModule>

And http://192.168.1.104:8080/ is hosted on the same server using Apache.

Perhaps try turning off the rewrite stuff and see what happens?

If I turn off the RewriteRule none of the proxy’s will work. I need this for the proxy to work.

I’m guessing you need a RewriteRule before your current rule to take the case of Piwik and redirect it before the rule you have.

Interesting. I tried changing the order, but that did not make a difference.


However, at closer look at my httpd-ssl.conf file I discovered another entry (much lower in the file) for port 8080. This is what it looks like:

<VirtualHost www.myserver.com:443>
    ...
    <IfModule mod_proxy.c>    
        ProxyRequests Off	
        ...
        ProxyPass         /piwik/   http://192.168.1.104:8080/
        ProxyPassReverse  /piwik/   http://192.168.1.104:8080/
        ...
        RewriteRule ^(.+)$  https://www.myserver.com/$1 [P,L]
    </IfModule>
    ...
    <Proxy "http://192.168.1.104:8080">
        ProxyHTMLEnable  on
        ProxyHTMLExtended on
        ProxyHTMLURLMap  http://192.168.1.104:8080 https://www.myserver.com/piwik
    </Proxy>
    ...
</VirtualHost>

For http://192.168.1.104:8080 I have the following:

<VirtualHost _default_:8080>
    ServerName 192.168.1.104:8080
    AddHandler text/html .html
    LogLevel warn	
    # RewriteCond %{REQUEST_URI} analytics
    # RewriteRule .* https://www.myserver.com/piwik/
    <Directory "D:/www/piwik">
        Options Indexes FollowSymLinks Includes ExecCGI
        AllowOverride All
        Require all granted
    </Directory>
    DocumentRoot "D:/www/piwik"
    DirectoryIndex index.php 
</VirtualHost>

As a side note. As it stands, something is not working properly with the setup. Somehow Piwik is not recording visits from different domain names. I don’t know if this would be related. It somehow only records domain name visits from https://www.myserver.com/ and none of the other domain names. I use to have it working not using https but http. This is my VB code:

(I sins found the problem / see correction in bold)

<%
function write_site_number()
	if DotComType = "ch" then
		response.write("2")
	elseif DotComType = "com" then
		response.write("1")
	elseif DotComType = "eu" then
		response.write("3")
	else
		response.write("4")
	end if
end function

%><script type="text/javascript">
  var _paq = _paq || [];
  _paq.push(["setDocumentTitle", document.domain + "/" + document.title]);
  _paq.push(["setCookieDomain", "*.myserver.<%=DotComType %>"]);
  _paq.push(["setDomains", ["*.myserver.<%=DotComType %>"]]);
  <%
  if request.querystring("addCampain") <> "" then %>
    _paq.push(["setCampaignNameKey", "helloName"]);
    _paq.push(["setCampaignKeywordKey", "helloKey"]);
    _paq.push(["setCustomVariable",1,"var","name","visitor"]);<%
  end if 
  %>
  _paq.push(['trackPageView']);
  _paq.push(['enableLinkTracking']);
  (function() {

this did not track calls from: www.myserver.ch or www.myserver.net

        var u="//www.myserver.com/piwik/";

new - adding the https works:

        var u="https//www.myserver.com/piwik/";
	

	_paq.push(['setTrackerUrl', u+'piwik.php']);
	_paq.push(['setSiteId', '<% call write_site_number() %>']);
	var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
	g.type='text/javascript'; g.defer=true; g.async=true; 
	g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
  })();
</script>
<noscript><p><img src='https://www.myserver.com/piwik/piwik.php?idsite=<% 
     call write_site_number() %>' style="border:0;" alt="" /></p></noscript>

Glad you figured it out.:relaxed:

Yes, me too.

The login bug problem that redirects the request from the piwik folder ".../piwik/index.php" to the root folder ".../index.php" during login still remains. I could add a index.php page in the root folder that would in return redirect back to the piwik folder ".../piwik/index.php" but do not think that this is the way so solve it.

Hi there, any solution found for this redirect redirect Problem after login? Having the same Problem.

That redirect redirect bug is still active. Here related post , and here the bug report.