Cloudflare Opencart HTTPS issue

Question

I'm using Opencart 1.5.6, with Cloudflare pro service. The issue I have is when I have Opencart SSL enabled.

I have changed the config.php and admin/config.php to look at HTTPS.

When I browse to a HTTPS url on the website, the main HTML comes through as HTTPS, but most other resources are still HTTP, which causes insecure content issues.

I belive this is because Cloudflare doesn't make the HTTPS environment variable available for Opencart.

I believe the code contained in these 3 files:

• /admin/controller/common/header.php
• /admin/controller/common/filemanager.php
• /catalog/controller/common/header.php

is the issue:

if (isset($this->request->server['HTTPS']) && (($this->request->server['HTTPS'] == 'on') || ($this->request->server['HTTPS'] == '1'))) {
    $this->data['base'] = HTTPS_SERVER;
} else {
    $this->data['base'] = HTTP_SERVER;
}

Question is, does anyone have any idea how I can change this to work correctly with Cloudflare?

Answer 1

Turns out I didn't need to do this, I have just added this to my .htaccess:

RewriteCond %{HTTP:X-Forwarded-Proto} https
RewriteRule .* - [E=HTTPS:on]
SetEnvIf X-Forwarded-Proto https HTTPS=on 

Cloudflare support recommended I add this snippet to the apache config so that it is not necessary to read the .htaccess each time creating overhead.

Havn't tested it in httpd.conf yet though.