I have a rails app that's configured to force SSL:
Rails.application.configure do
config.force_ssl = true
end
It is then deployed to Heroku (free tier), where I configured to add my custom domain.
On Cloudflare, I only have these 2 records:
CNAME example.com example.herokuapp.com
CNAME www example.com
I also set the SSL option to be full.
My understanding is that, when people visit my webiste at www.example.com, they get redirected to the apex (non-www) url.
However, now whenever I visit the www version, it shows me the Heroku's No Such App page.
I have no idea what I did wrong and have tried all sorts of ways I have found online for a whole week. Hope someone can help me out, thanks!
Looking at the response from heroku 'No such App' found, please confirm if www.example.com is added as custom domain under settings?
Related
We have moved the source code and database of a rails APP from one server to another. When we try to run the site from the new server using IP address, it is redirecting and loading the old website url. Can anybody please advise what is the cause for it. How do i resolve the issue so that i can load the website using the IP?
Can someone please help?
Check the files development.rb and production.rb - you might need to update the default urls there.
As well default_url_options or IP-addresses might be white/black-listed in application.rb
I am having a problem testing a subdomain for my app. I read in a post that lvh.me will translate into localhost. This has worked well for me in my development environment. I've modified my rails app's routes.rb to have this code:
constraints(Codeopenhub) do
get '/', to: 'codeopenhub#index'
get '/*other', to: 'codeopenhub#index'
end
Basically the code is saying that if you hit code.openhub.net/anything, you'll hit a particular page. Now when I deploy this onto my staging environment, this doesn't work at all. Hitting the subdomain says that the site can't be reached. server DNS address could not be found. Do I need to add an accompanying modification to nginx/sites-enabled or nginx/sites-available? Or perhaps I need an entry in /etc/hosts?
I was following these resources but now I'm a bit stuck and hit a wall. Could someone lend me a hand? It would be greatly appreciated.
Dealing with Subdomains
Capybara and Subdomains
I have a Rails 4.1 app running on heroku, and it uses a heroku SSL endpoint and has a valid SSL cert (config.force_SSL = true). SSL on the main site works well. I also have a Wordpress blog hosted at Bluehost, not using SSL. I'm using the rack-reverse-proxy gem to present the blog as my-app.com/blog.
The issue is that Chrome and Firefox both refuse to load assets from the blog because the blog is not secure. How do I address this?
Technical details
Let's say the Rails app is https://my-app.com.
And the Wordpress blog (on Bluehost) is at http://myappblog.com.
In my Wordpress Settings -> General, I have both the Wordpress address and Site address set to https://my-app.com/blog (although this problem also happens if Wordpress address is http://myappblog.com or https://myappblog.com).
Rails routes.rb
get "/blog" => redirect("/blog/")
# I have also tried get "/blog" => redirect("/blog/"), constraints: {protocol: /http/}
config.ru
require ::File.expand_path('../config/environment', __FILE__)
use Rack::ReverseProxy do
reverse_proxy(/^\/blog(\/.*)$/,
'http://myappblog.com$1',
opts = {:preserve_host => true})
end
Console error in Chrome
[blocked] The page at 'https://my-app.com/blog/' was loaded over
HTTPS, but ran insecure content from
'http://my-app.com/blog/wp-content/themes/independent-publisher/js/skip-link-focus-fix.js?ver=20130115':
this content should also be loaded over HTTPS.
I had a similar problem. I mucked around with extra SSL certs and the Wordpress HTTPs plugin, but I could never get everything to play nicely with the rack-reverse-proxy gem.
In the end, I fixed it, with a caveat:
In your routes.rb make sure you explicitly set the full path URL to your blog site:
#OLD get "/blog" => redirect("/blog/")
get "/blog" => redirect("http://my-app.com/blog/")
I've also got "Wordpress Address" and "Site Address" set to http://my-app.com/blog.
Caveat:
With this setup, the missing content/css errors may continue if you're requiring SSL for the wp-admin area. Using define('FORCE_SSL_LOGIN', true); in your wp-config.php will let you secure the login at least, and if there's no CSS on that page, it's only affecting the people that need to log in to post to the site. To the general public, everything will look fine.
I eventually resolved this by getting an SSL certificate for the blog (myappblog.com) as well. Once the blog site and the app site were both secure, this wasn't a problem anymore.
Hello I am currently going through the tutorial below to add ssl to my heroku app
https://gist.github.com/shripadk/552554
so for today, I bought a domain name, set the cname to point to my heroku app
Currently my domain name is working.
I am trying to add ssl security feature to my app so secure.domainname.com works
Following the tutorial
heroku addons:add custom_domains:basic
I got an error
add ons not found
I can't find this add on on heroku as well. but I searched this command through stackoverflow and its suppose to exist?
I got the same error with this command
heroku addons:add ssl:hostname
but it also said adds on not found, later I found this same add on heroku but its with a different command.
This is the part that I don't get on the tutorial
After adding the ssl add on
This will add a $20/month (as of the time of this writing) fee to your Heroku bill for SSL.
VI: Setting up your DNS to work with Heroku Hostname SSL
You should recieve an email from heroku within a few minutes of adding the ssl:hostname addon. You need to add a CNAME record to your DNS that points to the AWS host in the email you receive. This should be pretty self explanatory, but if you have any questions, search for 'adding a CNAME record' in Google and you'll see lots of good guides.
Test that 'host secure.yourdomain.com' outputs 'something.amazonaws.com'. If it does, you're all set.
You should now be able to go to 'https://secure.yourdomain.com' and not see any errors or security warnings.
What is going on behind the scenes
When a user visits your site using 'http://secure.yourdomain.com', they're hitting your GoDaddy CNAME record, which points to an 'something.amazonaws.com' address which effectively routes the request to Heroku's grid, and a secure connection gets established from there following the standard SSL handshake process.
I didn't get an email, neither does appname.herokussl.com exist?
Am I suppose to use Zerigo DNS? for anything, its mentioned once in the top of the tutorial but not anywhere else?
From reading the comments, someone got a problem with the end part as well.
Thanks!
I followed this tutorial for both heroku and for my own server setup and when trying to setup on heroku for the first time I did not do it correctly so I will explain some of the important steps when setting up ssl on heroku.
Use OpenSSL to generate a new self-signed certificate ('host.csr') using the host key we just created. This is what you'll be sending to
GoDaddy to model your new SSL after.
At the step above make sure you fill in the information correctly and also make sure your common name matches your ssl certificate name.
2. Combine 'secure.yourdomain.com.crt' and 'host.key':
You will need to combine your ssl keys. If you're using godaddy there are 2 files included name gd_bundle.crt and secure.yourdomain.com. Upon during the tutorial you will generate about 5-6 files in which you will only use 1.
Remove pass phrase from the public key certificate (required by Heroku)
In order for heroku to read your ssl cert you will need to remove all passwords on the certs so make sure the passwords are removed. There will be two files depending on how you have combined them with the extensions .pem and .key (The updated ones not the ones you started with).
You've most likely added the domain and subdomain so now through the command line run
heroku ssl:add ../ssl-cert/public.pem ../ssl-cert/private.key
Remember get the path of the newly updated files. Also when editing the files and copying over keys make sure there are no white spaces in between keys. Let me know if this helps.
I've deployed a Rails 3.2 app to Heroku. I would like the app to be accessible from http://myapp.mydomain.com and for routes to be accessible from this url, e.g. http://myapp.mydomain.com/ModelA/1
I've followed the instructions at https://devcenter.heroku.com/articles/custom-domains
When I enter http://myapp.mydomain.com in the bowser addressbar it successfully takes me to the app.
BUT the url is rewritten as myapp.herokuapp.com
I've already added the domain to Heroku heroku domains:add myapp.mydomain.com.
How do I maintain the custom domain throughout my app?
This looks like a DNS config issue. You should check your hosting provider to make sure you have your site set up as a CNAME to proxy.heroku.com, not a redirect or anything else.
(Glad you were able to solve it!)