The Moodle environment needs to be configured to support SSL proxies and to ensure that all URLs are HTTPS rather than HTTP. This configuration is stored in config.php which is located in the moodle/htdocs directory. Two changes are required to this file, as follows:

Configure Moodle to not do any SSL processing because that is being performed by the LoadMaster.

$CFG->sslproxy = 1;

  • Tell Moodle to rewrite all URLs with HTTPS (as this is not done in the LoadMaster in a Moodle configuration). The config.php file usually selects the reply protocol based on the client request protocol. Update the code to ensure that all replies are HTTPS.
  • Before:

if ($_SERVER['HTTPS'] == 'on') {

$CFG->wwwroot = 'https://' . $_SERVER['HTTP_HOST'] . '/moodle';

} else {

$CFG->wwwroot = 'http://' . $_SERVER['HTTP_HOST'] . '/moodle';

};

After:

if ($_SERVER['HTTPS'] == 'on') {

$CFG->wwwroot = 'https://' . $_SERVER['HTTP_HOST'] . '/moodle';

} else {

$CFG->wwwroot = 'https://' . $_SERVER['HTTP_HOST'] . '/moodle';

};

The only change in the code is to add an s to the end of http in the else part of the if statement. Changing the http:// to https:// ensures that all URLs are prefixed by the correct protocol.