place this in the beginning of the frontend and backend web index.php
// Force SSL when behind an SSL proxy
// this ensures that internally generated absolute urls also are ssl
if ("https"== strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']))
{
$_SERVER['SERVER_PORT'] = 443;
$_SERVER['HTTPS'] = 'on';
if(isset($_SERVER['HTTP_X_REAL_IP'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
$_SERVER['HTTP_HOST'] = str_replace(':443','',$_SERVER['HTTP_HOST'] );
}
I would recommend you make use of filters also known as middlwares, here is yii extension which provides an https filter as well other helpers to aid with https
Unless you need an SSL certificate from a specific CA or business reasons, try LetsEncrypt.org. I was able to setup mandatory HTTPS with nginx in a few simple steps with absolutely no changes to the Yii code. Plus, it’s free.
Yes I do use ssl for the proxy, then there it is terminated and internally redirected to the docker container running yii.
That all works fine
UPDATE:
Even though I removed the forwarding port from the proxy I still had to add this code to make the app play nice when other plugins create a secure link and check the isSecureConnection. Otherwise I get mixed content and that breaks security rulings