I am trying to setup SSL for rails 4 app. I have successfully setup the SSL which i bought from rapidSSL.
this is my configuration file used in apache2 and rails
<VirtualHost *:80>
ServerName example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
ServerName example.com
ServerAlias example.com
RequestHeader set X-FORWARDED-PROTO "https"
SSLEngine on
SSLProtocol all
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
SSLCertificateChainFile /etc/apache2/ssl/intermediate.crt
ServerPath /www
<Directory "/var/www">
</Directory>
</VirtualHost>
config/application.rb
config.force_ssl = true
However, when i run rails s -p 80, it just list the file structure of the folder instead of running the app. I have tried googling around and it seems that i need to use force WEBrick to use SSL but the guide i found here is only for rails 3. Hope someone could help me. Thanks in advance.
Take a look at this blog. Looks perry good and works for me
http://www.napcsweb.com/blog/2013/07/21/rails_ssl_simple_wa/
Related
I'm trying to migrate my apps to docker, but with Apache I'm having some troubles. I'm adding my site.conf to apache (this works fine):
<VirtualHost *:80>
ServerName example.com.
ServerAlias api.example.com
Redirect permanent / https://www.example.com/
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
RewriteEngine on
RewriteOptions inherit
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias www.example.com
SSLEngine on
SSLCertificateFile /etc/apache2/external/certificate.crt
SSLCertificateKeyFile /etc/apache2/external/private.key
SSLCACertificateFile /etc/apache2/external/ca_bundle.crt
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPass / http://example:8090/
ProxyPassReverse / http://example:8090/
RewriteEngine on
RewriteOptions inherit
</VirtualHost>
But when I try to add a new virtualhost with a subdomain the container does not start:
<VirtualHost *:80>
ServerName sub1.example.com
ServerAlias sub1.example.com
ProxyPreserveHost On
ProxyPass / http://myapp2:8090/
ProxyPassReverse / http://myapp2:8090/
</VirtualHost>
<VirtualHost *:80>
ServerName sub2.example.com
ServerAlias sub2.example.com
ProxyPreserveHost On
ProxyPass / http://myapp2:8090/
ProxyPassReverse / http://myapp2:8090/
</VirtualHost>
I copy the log files from the container to my host machine, but the errors.logs file doesn't show any significant error as to why it won't boot. The docker logs container-name command doesn't help much either.
Any idea of the possible error?
I finally found the solution. I created a new configuration (new_site.conf) and added my virtualhost configuration. Then I enabled it (a2ensite new_site.conf), I restarted the service and everything was still working. I tried to access through the url and it redirected me well to my application.
I'm trying to redirect all traffic from non-SSL to SSL and force WWW and lastly to redirect an old subdomain to the master domain for a Rails 3 application.
Here is my goal:
http://domain.com -> https://www.domain.com
http://www.domain.com -> https://www.domain.com
http://api.domain.com -> https://api.domain.com
http://old.domain.com -> https://www.domain.com
I'm trying to achieve this from apache config file for the domain which looks like this:
<VirtualHost *:80>
ServerName www.domain.com
ServerAlias api.domain.com
RewriteEngine On
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerName domain.com
ServerAlias old.domain.com
RedirectMatch permanent ^/(.*) http://www.domain.com/$1
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain.com
ServerAlias api.domain.com
DocumentRoot /home/deploy/domain/public
RailsEnv production
<Directory /home/deploy/domain/public>
Allow from all
Options -MultiViews
</Directory>
SSLEngine On
SSLOptions +StrictRequire
SSLCertificateFile /ssldomain_com.crt
SSLCertificateKeyFile /ssl/privateKey.key
SSLCertificateChainFile /ssl/domain_com.ca-bundle
</VirtualHost>
For some reason the SSL is fine but there is no redirect happening. The rails application works on all 4 options:
https://domain.com
https://www.domain.com
https://api.domain.com
https://old.domain.com
Any idea how I can clear my apache config file to make this work?
A bit more verbose, but all you should need is:
<VirtualHost *:80>
ServerName www.domain.com
ServerAlias old.domain.com
ServerAlias domain.com
Redirect / https://www.domain.com/
</VirtualHost>
<VirtualHost *:80>
ServerName api.domain.com
Redirect / https://api.domain.com/
</VirtualHost>
Then what you have above for the SSL Virtual Host.
After I installed SSL-certificate, I see extended development-style errors in production (instead of simple "something went wrong").
I use Apache and Varnish and Apache as SSL terminator in front of Varnish. This is my virtual host file:
<VirtualHost *:443>
ServerName my.domain
ServerAlias www.my.domain
SSLEngine On
SSLProtocol all -SSLv2
SSLCertificateFile /path/mydomain.crt
SSLCertificateKeyFile /path/mydomain.key
SSLCertificateChainFile /path/mydomain.ca-bundle
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://localhost:80/
ProxyPassReverse / http://localhost:80/
RequestHeader set X-Forwarded-Proto 'https'
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
DocumentRoot /path/to/public
<Directory /path/to/public>
Allow from all
Options -MultiViews
</Directory>
</VirtualHost>
A workaround suggested here helped. Still don't understand what's the matter, though.
In an initializer:
class ActionDispatch::Request
def local?
false
end
end
I'm hosting a domain with both addresses www.domain.com and domain.com through an "alias" directive specified in the VirtualHost config file:
<VirtualHost *:80>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/domain.com/current/public/
<Directory /var/www/domain.com/current/public/>
AllowOverride all
Options -MultiViews
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Now http://www.domain.com and http://domain.com go to the same content.
I need to redirect every request for www.domain.com to domain.com as well as www.domain.com/something to domain.com/something.
I'm just wondering on best practice for redirecting all traffic from www.domain.com to domain.com. Is should be done at Apache, Passenger or Rails level? and how? 301 redirect?
Any ideas appreciated.
Thank you.
EDIT:
The working configuration is now this one (with "Redirect permanent"):
<VirtualHost *:80>
ServerName www.domain.com
Redirect permanent / http://domain.com/
</VirtualHost>
<VirtualHost *:80>
ServerName domain.com
DocumentRoot /var/www/domain.com/current/public/
<Directory /var/www/domain.com/current/public/>
LimitRequestBody 4096000
AllowOverride all
Options -MultiViews
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
The very best way to solve this is by using Redirect directive placed in a virtual hosts.
<VirtualHost *:80>
ServerName www.example.com
Redirect / http://example.com/
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
</VirtualHost>
Refer here: http://httpd.apache.org/docs/2.2/rewrite/remapping.html#canonicalhost
I just need some clarification on a couple of files.
My site has an admin subdomain and SSL in addition to the normal *:80 details found in the virtual hosts.
My question(s): Do I need to specify a 1) ServerName and 2) DocumentRoot in: /etc/apache2/apache2.conf?
I currently enable my site from this directory: /etc/apache2/sites-available/site
Here are the contents of my site file in the above directory (/etc/apache2/sites-available/site):
<VirtualHost *:80>
ServerName www.site.com
ServerAlias www.site.com
DocumentRoot /home/user/public_html/site/current/public
RailsAllowModRewrite off
<directory "/home/user/public_html/site/current/public">
Order allow,deny
Allow from all
</directory>
</VirtualHost>
<VirtualHost *:80>
ServerName www.site.com
ServerAlias admin.site.com
DocumentRoot /home/user/public_html/site/current/public
RailsAllowModRewrite off
<directory "/home/user/public_html/site/current/public">
Order allow,deny
Allow from all
</directory>
</VirtualHost>
<VirtualHost *:443>
ServerName www.site.com
ServerAlias www.site.com
# SSL releated
SSLEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /path/to/site.com.crt
SSLCertificateChainFile /path/to/bundle.crt
SSLCertificateKeyFile /path/to/site.key
# Used by rails
RequestHeader set X_FORWARDED_PROTO "https"
</VirtualHost>
Do you see anything wrong?
Looks like I was missing a DocumentRoot in my SSL VirtualHost. Fixed! (also cleaned up those aliases)