Many customers use SSL-terminating reverse proxies and load balancers in front of their Apache web server. This configuration shows how to use the X-Forwarded-Proto HTTP header to correctly filter and terminate SSL traffic.
<VirtualHost *:80>
RequestHeader set X-Forwarded-Proto "http"
…
</VirtualHost>
<VirtualHost *:443>
RequestHeader set X-Forwarded-Proto "https"
…
</VirtualHost>
We also need to add a rewrite rule inside VirtualHost:
<VirtualHost *:80>
RequestHeader set X-Forwarded-Proto "http"
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
…
</VirtualHost>
