I have a koken setup with two servers:
Koken [ip: 10.107.29.182]: HTTP installation with nginx and php-fpm on port 80
Frontend [ip: 10.107.29.61]: SSL proxy that forwards connection to koken and which does SSL termination and which is available on the internet.
With this setup I'm getting Koken API Error: " The theme is not able to make contact with your Koken installation. Contact your host to see if they are blocking loopback connections. "
When looking at the logs I see that koken is able to connect to the server:
10.107.29.182 - - [06/May/2017:11:12:10 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03;(\xD1\xC02Al\x1C\xF9\x1C\xAA\xFE\xDE\x95\xAE\x09\xBA<\x90\xDD[\xE3C1[.\x07\xD6`\xEB\xB3\xB7\x00\x00\x9E\xC00\xC0,\xC0(\xC0$\xC0\x14\xC0" 400 182 "-" "-"
10.107.29.182 - - [06/May/2017:11:12:10 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03N\x944x\x07\xC61\x97r\xC8l.\x8D@)7\x82aE\x05\x07\x99KK\xC5\x88Ib\x03\x1BD\xFD\x00\x00\x9E\xC00\xC0,\xC0(\xC0$\xC0\x14\xC0" 400 182 "-" "-"
10.107.29.61 - - [06/May/2017:11:12:10 +0000] "GET / HTTP/1.0" 200 511 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:53.0) Gecko/20100101 Firefox/53.0"
We see that the frontend is making a connection to Koken. This triggers a couple of API calls in the backend with a weird URL strings.
Judging from the protocol it looks like as if the CURL backend service tries to access port HTTPS over the HTTP connection. I was able to resolve this issue by forcing 'http' in the CURLOPT_URL line in Koken.php:
# diff app/site/Koken.php modified.php
< curl_setopt($curl, CURLOPT_URL, 'http' . '://' . $host . self::$location['real_root_folder'] . '/api.php?' . $url);
> curl_setopt($curl, CURLOPT_URL, self::$protocol . '://' . $host . self::$location['real_root_folder'] . '/api.php?' . $url);
This way I force koken to access the website over the loopback.
Is there a better way to correct this? It seems that `self::$protocol` should be detected from the php connection.
This question has received the maximum number of answers.