Relevant Music

Modification: Use the Joomla! Admin area with an SSL proxy

Some webspace providers use HTTP SSL proxies that allow their  shared hosting customers to use some sort of “point-to-computing-center” security. Although it does not provide the full SSL security in all aspects, it is the only possibility to use encryption for most shared-hosting customers. Since SSL key negotiation is done before information for selecting the appropriate domain name is transmitted, it is not feasible to include domain names of hundreds of clients per IP address (Subject Alternative Name) into an SSL certificate.

Especially when administering them via the Web, using these proxies is a great security gain in untrusted networks in the proximity of the client. However, a great drawback is the incompatibility with many administration backends, so as Joomla.

This modification is targeted to help Joomla! users having an SSL proxy that routes a request of the format “https://ssl.myhoster.de/mydomainname.de/mypath.php” to your domain “http://mydomainname.de/mypath.php”. Goal of this modification is to create a support for SSL proxies that even enforces the usage of SSL for the Joomla admin panel.

For doing that, you should be quite familiar with PHP, since it requires a deep modification of Joomla!

This modification only works with the Apache Web Server until now, you are welcome to add support to other servers. The modification is for Joomla 1.5.21, but it may also work in previous or later versions.

Remember to make a backup before proceeding. You should be familiar with the Joomla code and know what you are doing in any step. I just describe what worked on my Joomla installation. Evaluate this in a test bed before using it in a critical installation. No guarantees of any kind!

First Step

Open “./libraries/joomla/environment/uri.php”

Look for the function &getInstance(..) and insert the red section below in the code. Put the rest of the remaining if-clause into an else -clause  (shown below).

function &getInstance($uri = 'SERVER')
 {

 /* ... */

 /*
 * Since we are assigning the URI from the server variables, we first need
 * to determine if we are running on apache or IIS.  If PHP_SELF and REQUEST_URI
 * are present, we will assume we are running on apache.
 */
 if (!empty ($_SERVER['PHP_SELF']) && !empty ($_SERVER['REQUEST_URI'])) {

/* AdminProxy Modification START */
    if ($this->getCfg('adminproxy_use') >= 1 && JPATH_BASE == JPATH_ADMINISTRATOR) {

       if ($this->getCfg('adminproxy_useSSL')) {
          $prot = "https://";
       } else {
          $prot = "http://";
       }

       $theURI = $prot . $this->getCfg('adminproxy_host') . $this->getCfg('adminproxy_path')
       . $_SERVER['REQUEST_URI'];

     } else {
/* AdminProxy Modification END */
        /*
         * To build the entire URI we need to prepend the protocol, and the http host
         * to the URI string.
         */
         $theURI = 'http' . $https . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

/* AdminProxy Modification START */
     }
/* AdminProxy Modification END */

   /* ... */

 }

Second Step

Stay(!) in “./libraries/joomla/environment/uri.php”

Look for the function base(..) and insert the red section below in the code.

/**
 * Returns the base URI for the request.
 *
 * @access    public
 * @static
 * @param    boolean $pathonly If false, prepend the scheme, host and port information. Default is false.
 * @return    string    The base URI string
 * @since    1.5
 */
 function base($pathonly = false)
 {
       static $base;
       // Get the base request path
       if (!isset($base))
       {
            /* ... */

/* AdminProxy Modification START */

            if($config->getValue('adminproxy_use') >= 1 && JPATH_BASE == JPATH_ADMINISTRATOR) {
                  $base['path'] = $config->getValue('adminproxy_path') . $base['path'];
            }

/* AdminProxy Modification END */

        }
        return $pathonly === false ? $base['prefix'].$base['path'].'/' : $base['path'];
 }

Third Step

Open “./configuration.php”

Add the following configuration variables and alter them to fit to your domain and web hosting provider:

 var $adminproxy_use = 1;     //Switch the usage of admin SSL proxy on(1)/off(0)
 var $adminproxy_host = "ssl.myhost.de";    //Hostname of the SSL proxy to use
 var $adminproxy_path = "/mydomain.de";    //Path of the SSL proxy that is redirected to the root dir of your shared hosting server.
 var $adminproxy_useSSL = "1";    //Whether to use https:// or not, at SSL proxies this should always be 1.

Now you should  be able to connect to your admin area via the SSL proxy, it will even enforce the usage of SSL!

Relevant Music © 2003-2006 Leo Nobach. Blog proudly powered by WordPress