Running Drupal behind Reverse Proxy Server

Events happening in the community are now at Drupal community events on www.drupal.org.
fnikola's picture
Posted by fnikola on November 16, 2010 at 6:45pm

We are having issues with session persistence in Drupal when using the Pound reverse proxy server. Currently, we are losing our session when clicking on a link to add a comment to a node for subdomains only. This issue (losing our session) does not happen when on the main domain (www.example.com), but only when on subdomains (sub1.example.com and sub2.example.com).

Our current environment has the Pound reverse proxy server in front of two Drupal web servers that are each connected to an NFS mount where the Drupal site code exists.

We have made the following changes to the settings.php file as directed for reverse proxy:

Use . first because we have multiple subdomains

$cookie_domain = '.ourdomain.com';

$conf['reverse_proxy'] = TRUE;

$conf['reverse_proxy_addresses'] = array('999.999.999.99');

And have added the Drupal cookie in the reverse proxy configuration file:

Service
BackEnd
Address web.server.one.net
Port 80
Priority 5
End
BackEnd
Address web.server.two.net
Port 80
Priority 5
End
Session
Type COOKIE
ID "session_key"
TTL 540
End
End

Is there anything else that needs to be configured to maintain session persistence for subdomains?

Thanks,
Frank

Categories:

Comments

Cookie Domain

Posted by mikeytown2 on November 16, 2010 at 7:53pm
mikeytown2's picture

In settings.php be sure to set this

<?php
$cookie_domain = '.example.com';
?>

Thanks and yes we have set the cookie domain

Posted by fnikola on November 16, 2010 at 8:29pm
fnikola's picture

The $cookie_domain variable is set as indicated in settings.php with our domain:

$cookie_domain = '.ourdomain.com';

Along with the

$conf['reverse_proxy'] = TRUE;

and

$conf['reverse_proxy_addresses'] = array('999.999.999.99');

variables with the correct IP of the proxy server.

It seems to work correctly for the primary www.example.com domain, but has issues holding the session for subdomains (sub1.example.com or sub2.example.com).

Does it work as expected

Posted by dalin on November 17, 2010 at 12:07am
dalin's picture

Does it work as expected without the reverse proxy?

And you have your code on the NFS mount? That may be slowing things down as much as the reverse proxy is speeding things up. The better way would be to have the codebase exist locally on each webhead (deploy with rsync or the like). Then only share the files directory with NFS.

--

Dave Hansen-Lange
Director of Technical Strategy, Advomatic.com
Pronouns: he/him/his

Thanks Dave

Posted by fnikola on November 19, 2010 at 5:18am
fnikola's picture

Yes, we have taken out the reverse proxy and it works as expected and never loses the session. Currently I am looking at the issue http://drupal.org/node/244593#comment-2339298 to see if anything applies to my situation.

Thanks for the tip about the NFS mount and codebase sharing!

My working solution

Posted by acescon (not verified) on August 2, 2017 at 12:52pm
acescon's picture

Hello, we have Drupal7 running on Nginx behind an Apache reverse proxy. We found that session cookies are saved with internal domain and we were able to login from internal network but not from public access. Below our woking settings on drupal conf file:

$base_url = 'http://www.->public domain<-';
$cookie_domain = '.->public domain<-';
$conf['reverse_proxy'] = TRUE;
$conf['reverse_proxy_addresses'] = array('reverse proxy server IP ADDRESS');

High performance

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: