Rewriting/enforcing SSL behing an SSL termination point

Jason Farnsworth jason at
Fri Dec 9 08:08:50 CET 2011

Hi everyone, new Varnish user and new to the list here, but I've quickly
become a strong advocate of using Varnish in our organization based on my
initial experiences with it.

However, I'm having a difficult time finding information on what I think
would be a fairly common problem.  We want to enforce the use of www.
(which we currently do with mod_rewrite) AND enforce the use of HTTPS -
site wide.  I'm aware that we can do both of these with mod_rewrite, but
there are various reasons I'd like to keep this at the Varnish levelŠ

We are hosted on Amazon Web Services and all SSL termination is done by an
Elastic Load Balancer.  So all I'm looking to do is re-write URLs like
thisŠ -> -> ->

Of course, we also want to pass on the x-forwarded-proto header (which is
pretty well documented, no problem there.)

The URL re-write directions on the website address rewriting the host and
the path well, but not SSL.  It would make me quite happy if we could use
Varnish for all this.

Jason Farnsworth

More information about the varnish-misc mailing list