Sitecore – Running Sitecore in Docker on a non default port

Sitecore has a really nice docker example project, which will help you start using Docker for local development. This project uses Traefik as a forward proxy, which makes it easy to configure and use SSL for all the services within the project.

When you run the project, you will have to make sure that certain ports are free, as these are mapped to the host. These ports are:

PortDescription
443HTTPS
8079Traefik Management Site
8984Solr
14330MSSQL
8081XConnect

The ports above can be changed by editing the docker-compose.yml file, however when you change the HTTPS port (443) to something else, Sitecore crashes and you cannot access your instance anymore.

The following error is shown after you change the port:

System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind) +261
System.UriBuilder.get_Uri() +60
Sitecore.Web.WebUtil.GetRequestUri(HttpContextBase context) +178
Sitecore.Pipelines.HttpRequest.OverrideDialogs.Process(PreprocessRequestArgs args) +41
(Object , Object ) +14
Sitecore.Pipelines.CorePipeline.Run(PipelineArgs args) +490
Sitecore.Pipelines.DefaultCorePipelineManager.Run(String pipelineName, PipelineArgs args, String pipelineDomain, Boolean failIfNotExists) +236
Sitecore.Pipelines.DefaultCorePipelineManager.Run(String pipelineName, PipelineArgs args, String pipelineDomain) +22
Sitecore.Web.RequestEventsHandler.OnBeginRequest(HttpContextBase context) +166
Sitecore.Nexus.Web.HttpModule.%E2%81%AB%E2%80%AB%E2%80%8E%E2%81%AA%E2%80%AE%E2%81%AC%E2%80%8C%E2%80%AE%E2%80%AC%E2%80%8D%E2%81%AF%E2%80%8D%E2%80%8E%E2%81%AF%E2%80%8D%E2%80%8B%E2%80%AA%E2%80%AC%E2%80%8E%E2%80%AD%E2%80%8F%E2%81%AF%E2%80%AC%E2%80%8D%E2%81%AA%E2%80%8D%E2%81%AA%E2%80%8C%E2%81%AF%E2%80%8D%E2%80%8D%E2%81%AD%E2%80%AB%E2%80%8E%E2%80%8B%E2%80%AA%E2%81%AA%E2%80%AA%E2%80%AB%E2%80%8C%E2%80%AE(Object , EventArgs ) +137
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +223
System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +220
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +94

The reason why this is happening, is because Traefik sends the X-Forwarded-Host header, which is parsed by Sitecore. When using the default HTTPS port, the header value would be as follows: myhost.com. However, when you’re using a non-default port, the port number is appended to the host as follows: myhost.com:8443.

Unfortunately there’s a bug in Sitecore, where it tries to parse the value of the X-Forwarded-Host header, but fails because it contains a port number. I’ve reported this to Sitecore almost a year ago (at the time of writing), however it is still not resolved. The public reference number is 455419 .

How can we fix this?

There are a few routes to take to fix the issue:

  1. Add a processor to the HttpRequestBegin pipeline, and fix the value of the header.
  2. Change the Sitecore setting Sitecore.LoadBalancing.HostHeader to a non existent header name (make sure that that header cannot be set by the client), so it can’t read from the header and will use the Host header.
  3. Remove the X-Forwarded-Host header before it reaches Sitecore.

Option 1 and 2 require modifications to Sitecore, which I’d rather not make as I’d like to run it out of the box. Luckily for us, we can easily implement option 3 by changing the Traefik configuration in our docker-compose.override.yml file.

For each of your Sitecore services defined in your docker-compose file, make sure you add a label that forces Traefik to remove the header. You can do this as follows:

  cm:
    labels:
      - "traefik.http.routers.cm-secure.middlewares=force-STS-Header, stripForwardedHostHeader"
      - "traefik.http.middlewares.stripForwardedHostHeader.headers.customrequestheaders.X-Forwarded-Host="

The label with the name traefik.http.routers.cm-secure.middlewares should already exist (either in your docker-compose.yml or docker-compose.override.yml), but the value has to be changed so it includes stripForwardedHostHeader.

The other label makes sure that Traefik removes the X-Forwarded-Host header, by setting it to an empty value. I’ve created a Pull Request to the docker-examples repo, and hopefully this gets merged anytime soon.

Leave a Reply

Your email address will not be published. Required fields are marked *