Requests

This page describes configuration items to tweak how inbound and outbound requests are handled within the application.

Contents

Configuring Trusted Redirect Hosts
Configuring Trusted Proxies
Configuring an Outbound Proxy

For details on how to set the below configuration items, please read Environment Variables.

Configuring Trusted Redirect Hosts

When logging into the application, sometimes a redirect URI is specified to take the user back to the page that they were previously viewing. The redirect URI is validated for security reasons, and by default, only the help desk domain is permitted.

Trusted hosts can be configured using a comma delimited list of host names via the TRUSTED_REDIRECT_HOSTS environment variable. For example, foo.com, foo.co.uk. To trust all hosts, use *.


    TRUSTED_REDIRECT_HOSTS=foo.com, foo.co.uk

Configuring Trusted Proxies

When running the application behind a load balancer that terminates TLS / SSL certificates, you may notice the application sometimes does not generate HTTPS links correctly. Typically, this is because the application is being forwarded traffic from your load balancer on port 80 and does not know it should generate secure links.

To solve that, you can configure a comma delimited list of proxy addresses (IP addresses and hostnames) via the TRUSTED_PROXY_IPS environment variable. For example, 192.168.1.1, 192.168.1.2.


    TRUSTED_PROXY_IPS=192.168.1.1, 192.168.1.2

Trusting All Proxies

If you are using Amazon AWS, Cloudflare, or another "cloud" load balancer provider, you may not know the IP addresses of your actual balancers. In this case, you may use * to trust all proxies.


    TRUSTED_PROXY_IPS=*

Configuring an Outbound Proxy

The application makes several external network connections, for example to our licensing server, to download emails, and so on. If necessary, this traffic can be sent through an outbound proxy.

libcurl version 7.50.2 or above is required.
To check what version of libcurl is available, open Utilities -> System -> PHP Information within the operator panel and search for "curl". The "cURL Information" row in the table will display the libcurl version in use. Please also check what version of libcurl the cron is using, see php command line options for guidance.

The outbound proxy can be configured via the OUTBOUND_PROXY_URI environment variable and accepts a valid URI.


    OUTBOUND_PROXY_URI=socks5://bob:marley@localhost:12345

The following schemes are supported:

http://
HTTP Proxy
https://
HTTPS Proxy. (Added in libcurl 7.52.0 for OpenSSL, GnuTLS and NSS)
socks4://
SOCKS4 Proxy.
socks4a://
SOCKS4a Proxy. Proxy resolves URL hostname.
socks5://
SOCKS5 Proxy.
socks5h://
SOCKS5 Proxy. Proxy resolves URL hostname.