Apache/PHP not showing $_SERVER['HTTPS']

santrix

Well-Known Member
Nov 30, 2008
225
2
68
Running latest release tree build (apache 2.2, php 5.2.x

How is it possible to expose this element in the $_SERVER array? Currently, it is not shown in the phpinfo(); output (near the bottom), so just returns null whether the page is being served via http or https

Thanks for any help
 

d_t

Well-Known Member
Sep 20, 2003
245
3
168
Bucharest
$_SERVER['HTTPS'] is set (to on) only when you access the php script over SSL. Otherwise is not set at all.
 

santrix

Well-Known Member
Nov 30, 2008
225
2
68
Hi d_t

I cannot see this behaviour.

running this script:

Code:
echo "<br /> isset(\$_SERVER['HTTPS']) = ";
echo isset($_SERVER['HTTPS'])?"true":"false";
echo "<br />Value of \$_SERVER['HTTPS'] = " . $_SERVER['HTTPS'];
All I get is this output whether accessed via https or not... However, this page is accessed using a mod_userdir URL http://~[username]/test.php

isset($_SERVER['HTTPS']) = false
Value of $_SERVER['HTTPS'] =

Steve
 

ckh

Well-Known Member
Dec 6, 2003
358
1
168
Phoenix, AZ
cPanel Access Level
DataCenter Provider
The output isn't true or false, or 1 or 0. The output is either "on" if using https or blank if not.

Just upload a file with:

Code:
<?
echo $_SERVER['HTTPS'];
?>
in it and access it via http and then https to see the output. http won't display anything, https will output:

on
 

santrix

Well-Known Member
Nov 30, 2008
225
2
68
Hi ckh - no - it doesn't - not when accessing the page via a shared SSL certificate and a mod_userdir URL.

I tested this out on another customer account where an SSL had been installed against the domain, and it works fine, as you describe.

I learnt something today

Steve
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
41
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
mod_userdir acts differently over normal requests, so it is not surprising that you won't get that variable returning on when using mod_userdir with a shared SSL certificate. Includes (SSIs and PHP includes) also do not work using mod_userdir due to how includes function. Please note that mod_userdir is only intended as a temporary location for serving requests for pages until a site has been transferred. It isn't intended to be used as a long-term method to serve pages for a site.