Note: The terms 'Web Application Firewall' (WAF) and 'Proxy' both refer to the Airlock WAF.
Your server access logs contain the protocol used between the server and the Web Application Firewall, but not the protocol used between the client and the Web Application Firewall.
The X-Forwarded-Proto header is a standard header for identifying the protocol (HTTP or HTTPS). It is set on each HTTP request by the proxy and can be used by a server application to determine what protocol the client used to connect to your proxy (Airlock WAF).
In order to determine the protocol used between the client and the WAF you must enable the X-Forwarded-Proxy header using the Airlock WAF interface. (The unblu server is already coded to check for the X-Forwarded-Proto header.)
Note: The instructions below were supplied by Ergon (the Airlock WAF manufacturer). It may be useful for you to access the following links for more information:
Airlock documentation (general)
The Airlock Knowledge Base for more on installing the Airlock WAF
Configuring the X-Forwarded-Proto Header
In the Application Firewall > Reverse Proxy administration screen, select the SG Expert Settings tab.
The ICAP service can already determine the front-end protocol used today. Using the SG Expert Settings tab additional ICAP headers can be defined:
SecurityGateway * Icap.Action.4.Header.Insert.Name "X-Forwarded-Proto"
SecurityGateway * Icap.Action.4.Header.Insert.Value "%ENTRYPROTOCOL%"
Note: The number "4" refers to the nth defined ICAP service. You must use the correct number, which is defined in the "default settings file" / "Generated Config".