When I setup my store, I sued FastCGI to get acceptable performance which was fine as I don’t get many hits. Today I installed BrowseBack because it came as part of the software bundle I purchase through MacHeist/MacUpdate. As I hit my store a lot to check stats and such, BrowseBack kept loading the store which spiked the server load to 4 and required me to kill BrowseBack to get my server back to normal. While this isn’t normally a problem, it exposed a potential kink in my server’s armor. So I went looking for an alternative. I’ve read about using lighttpd by proxying requests from Apache. Setting it up was straightforward and seemed to work well, until a customer complained that he couldn’t purchase. I tried it myself (again) and it worked fine. I had someone else try again and it failed. Hmmm. After much tinkering, I figured out the problem, my store code required an https connection otherwise it redirected to https which was fine, except that coming from the proxy, it was always an http connection. Since I already do a redirect on my store so that any http://store.receiptwallet.com requests goes to https://store.receiptwallet.com, I can be assured that all requests are secure. So I commented that line out of my store and everything is working fine.
(On a side note, the reason I couldn’t see it myself is that it was checking for local requests and since I access my server using a private IP address range, it basically got flagged as local, so it never required the SSL connection.)