Setting the SSL Offload Header Value

How to set the header value required by load balancers when configuring SSL-offloading for DNN. Some examples of the headers included:

Prerequisite. SSL must be enabled for the required sites (See "Setting SSL Settings for a Site") and any pages that should be secure should be configured as secure pages. See "Configuring Advanced Page Settings"

  1. Navigate to HostThese users have full access to manage the settings and content of all sites with this DNN installation, including the Host site. SuperUser accounts are created using the Host > SuperUser Accounts module. > Advanced Settings > Manage Web Servers.
  2. Expand the SSL Offload Header Value section.
  3. In the Header Value text box, enter the header value. E.g. X-FORWARDED-FOR

  1. Click the Save button.

Now when a request arrives at the load balancer, if it has SSL offloading enabled it will pass the request onto the web server with the request rewritten from a secure to insecure request (E.g. to This will be the request that DotNetNuke processes. Normally DNN would then determine that the request is for a "secure" page and rewrite the path back to, but the existence of the header ensures that DNN knows it should instead serve the page up via HTTP. The results will then be passed back to the SSL-Offloading load balancer which will return the page to the user as those an SSL request was made (as is the case as the SSL certificate was verified by the load balancer which processes SSL requests more efficiently than the individual web server(s) would - as well as simplifying management by ensuring only the load balancer needs the SSL certificate installed rather than each web server).