Nginx SSL behind SSL terminator

Recently I ran into an issue when using Nginx behind an SSL terminator (load balancer). Both $scheme in Nginx and $_SERVER[‘HTTPS’] in PHP were incorrect, because Nginx thought it was behind HTTP. I finally figured out a fix, which is a bit hacky, but it works.

In your site config, above your server block, put this:

map $http_x_forwarded_proto $fcgi_https {
  default off;
  https on;
}

map $http_x_forwarded_proto $real_scheme {
  default $scheme;
  https https;
}

Then in your code that passes PHP scripts to PHP-FPM, put this:

fastcgi_param HTTPS $fcgi_https;

This must come after you include Nginx’s default fastcgi_params file.

If you do redirects in Nginx, use $real_scheme instead of $scheme.

One Reply to “Nginx SSL behind SSL terminator”

  1. Keshav Gupta says: Reply

    ultimately after hours and hours of trying different solutions.. yours was the key!

Leave a Reply