place this in the beginning of the frontend and backend web index.php
// Force SSL when behind an SSL proxy
// this ensures that internally generated absolute urls also are ssl
if ("https"== strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']))
$_SERVER['SERVER_PORT'] = 443;
$_SERVER['HTTPS'] = 'on';
if(isset($_SERVER['HTTP_X_REAL_IP'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
$_SERVER['HTTP_HOST'] = str_replace(':443','',$_SERVER['HTTP_HOST'] );
Unless you need an SSL certificate from a specific CA or business reasons, try LetsEncrypt.org. I was able to setup mandatory HTTPS with nginx in a few simple steps with absolutely no changes to the Yii code. Plus, it’s free.
Yes I do use ssl for the proxy, then there it is terminated and internally redirected to the docker container running yii.
That all works fine
Even though I removed the forwarding port from the proxy I still had to add this code to make the app play nice when other plugins create a secure link and check the isSecureConnection. Otherwise I get mixed content and that breaks security rulings