Hi Harper,
The easiest (and probably best) solution would be to get a second IP
for your box, and switch your non-ssl sites to it.
As for confining ssl to certain sections of your site, it's probably
best done through your application. Write a before_filter that checks
to see if the request is using ssl, and redirect if appropriate.
Ex:
before_filter :redirect_to_ssl
def redirect_to_ssl
if(request.env['HTTPS'] != "ON")
redirect_to request.env['REQUEST_URI'].sub(/^http/i, "https")
end
end
before_filter :no_ssl
def no_ssl
if(request.env['HTTPS'] == "ON")
redirect_to request.env['REQUEST_URI'].sub(/^https/i, "http")
end
end
-- Wes
On 2/4/07, harper <[EMAIL PROTECTED]> wrote:
>
> hi all && many thanks.
>
> very helpful. i've already managed to raise the whole app i need to ssl,
> so that all of the content in my site (as well as the store partion,
> which is really the only part in ssl i need) is in the https protocol.
>
> thing is, i've just learned that ssl works according to the ip of the
> server, and not the server_name; this is fine, except, i'm running
> six-seven rails apps on the same server (one ip) [#vhosts#] and so
> whenever i do https://one-of-these-apps/ it redirects to the specific
> app i put the ssl_configuration into.
>
> example -->
>
> http://www.octava.co.il/ # goes to octava (good)
> https://www.achia.co.il/ # goes to achia in ssl (good)
> https://www.octava.co.il/ # goes to achia in ssl (bad)
>
> this is a broader problem of the fact that i'd like to confine the
> https:// to a certain part of the application (only the store partion,
> not the content part) and not according to the whole app. (certainly not
> according to the whole ip of the server either).
>
> so if i have a mongrel instance running on /var/www/achia, how do i
> setup the nginx.conf to give https support only to the store portion of
> the app and NOT to any other parts of the app / other apps on the
> server? (i.e, only part of the controllers in the achia app).
>
> either way, thanks for all the above help.
> oh, and thanks to [EMAIL PROTECTED] good catch.
>
> -s
>
>
> --
> Posted via http://www.ruby-forum.com/.
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Deploying Rails" group.
To post to this group, send email to rubyonrails-deployment@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-deployment?hl=en
-~----------~----~----~----~------~----~------~--~---
