I'm deploying my existing https rails app to a staging server, and for some reason I keep getting redirected to the https version of the site (which is the desired behavior on the production server, but not on the staging on to which I'm deploying). On the staging server it doesn't return anything after getting redirected to https.
When I type in my.ip.add.ress in the browser, it redirects to https://my.ip.add.ress. I've checked that config.force_ssl = false. There does not appear to be any other function in my app that would redirect to ssl (searched for all occurrences of ssl and https in my app). rails c production boots up fine.
I'm not even sure my app is getting hit, as my production.log isn't being written to. Could apache be trying to redirect to ssl? There are no such directives in the apache2.conf (https://wiki.apache.org/httpd/RewriteHTTPToHTTPS).
I'm running Apache2 with the Passenger module. I don't have a .htaccess file in my app. It's a Rails 3.2 app.
Did you have "force_ssl = true" at one point? That would create a permanent redirect. Clearing your cache will fix that.
Or perhaps you've set the "Strict-Transport-Security" header on that domain? That would also force a redirect to the HTTPS version. To turn that off in chrome, navigate to "chrome://net-internals/#hsts". Then delete that domain. You can query it first, to see if exists in the cache.
Related
I have an app that has a rails backend and react frontend. In Heroku i have two custom domain names one for the front end and one for the backend and both have SSL certificates via Heroku SSL.
In my production.rb file I have
config.force_ssl = true
But for some reason my app is not redirecting to HTTPS. The app works and everything but it still has the http link thats not secure. I am using react router on my frontend. Does anyone have ideas to why this may not be working? Or have any other ideas on how I can successfully redirect?
I have a Rails 5 app with Heroku's SSL added. www.example.com and example.com works fine but when I preface my site with "https://" It doesn't work, but "http://" works.
I'm using Namecheap.com for my DNS. How do I go about getting "https://example.com" to direct to my heroku app?
What you need to do is :
You need to have SSL Endpoint addon added to your heroku app
It will provide a EndPoint URL for your heroku app.
https://devcenter.heroku.com/articles/ssl-endpoint
And you need to add SSL cert configured brought from third party vendors.
Then you can add CNAME record with with given EndPoint URL from SSL Endpoint plugin.
Make sure to add this in config/environments/production.rb
config.force_ssl = true
It will work then.
I have a domain with ssl running rails app. Currently on production I already enabled config.force_ssl = true, the ssl works perfectly. Now the issues is, if I typed example.com it redirect to https://example.com but I need it to redirect back to https://www.example.com.
My rails app running on AWS. Thanks!!
I've been playing with HTTPS in a local rails application using the 'answer' from the following question: Configuring WEBrick to use SSL in Rails 4
So i was running rails via a 'second /bin/rails_temp file and the https was working
now going back to my original rails file and just running 'rails s' I get redirected to https for everything
I've tried clearing cache in browsers, loading new browsers, removing /tmp/ contents
Totally lost!
Are you forcing SSL anywhere in your application?
For example config.force_ssl = true
Perhaps changing the port would affect the behaviour?
:Port => 3000, # Specify the port here
Perhaps your laptop is caching the state of the server so changing it's address (using /etc/hosts) would help?
127.0.0.1 sslapplication.local
I have been trying to configure my rails project to use SSL (as application wide) with thin (by adding thin gem and placing config.force_ssl = true to application.rb) but as a result, I have an annoying problem.
When I start my rails server using rails s and try to access http://localhost:3000 it redirects to https://localhost:3000 which is correct, however it will complain about missing SSL certification..
SSL connection error
Unable to make a secure connection to the server. This may be a
problem with the server, or it may be requiring a client
authentication certificate that you don't have.
On the other hand, If I start my application using thin start --ssl and try to access http://localhost:3000 it doesn't redirect to https://localhost:3000 and complains about this:
No data received
Unable to load the webpage because the server sent no data.
but by accessing https://localhost:3000 it just shows certificate warning but it all works after agreeing to continue.
So my question is, How can I make http to https redirection work when using SSL with thin in (development mode)?
Perfect answer would contain possibility to start server normally by using rails s while SSL would be enabled application wide and accessing http redirects to https and all works! :)
Thanks in advance, have been searching for hours but cant find an answer.
You should install your own openssl signed certificate.
You can find more information on this page
Your PC as (localhost) can self sign SSL certificate and your browser can accept it, but i think that browser will not automatically accept certificate with security on that layer. Maybe to try to add your localhost certificate to the browser ?
Verify config/environments/development.rb has the following line
config.force_ssl = true
Refer the post thin with ssl support and ruby debug and the responses(from nathan and shree) that has more information on this subject:
Use ngrok (https://ngrok.com/). It's free. Installation is easy.
Just start up your server, then in another terminal window run
ngrok http 3000
ngrok will give you an address that loops back to your dev machine - something like http://randomstringhere.ngrok.io
Put that in your browser and you'll see it redirect to https://randomstringhere.ngrok.io, still routing to your server on port 3000
Here is the simplest solution.
https://makandracards.com/makandra/15903-using-thin-for-development-with-ssl