Hello,
I am configuring apache 2.2 to serve my rails app through passenger.
First, I redirect all http traffic to https with the following:
This is my web server apache conf file.
ServerName sampleapp
NameVirtualHost *:80
<VirtualHost *:80>
Options FollowSymLinks
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</VirtualHost>
Inside the <VirtualHost *:443> section, I have the following
configuration, which seems extremely standard:
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from none
Allow from all
</Directory>
ProxyPreserveHost on
ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"
SSLEngine on
<Proxy balancer://hotcluster>
BalancerMember http://appserver:8010/
</Proxy>
ProxyPass / balancer://hotcluster/
ProxyPassReverse / balancer://hotcluster/
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateKeyFile "/home/sasi/test.key"
SSLCACertificateFile "/home/sasi/test.cer"
SSLCertificateChainFile "/home/sasi/test1.cer"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache2/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RequestHeader set X_FORWARDED_PROTO "https"
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
ProxyRequests Off
<Proxy *>
Order Allow,Deny
Allow from all
AuthType Basic
AuthName Transmission
AuthUserFile /etc/apache2/users
# Require user me
</Proxy>
</Virtualhost>
In my app server i point my application which runs with passenger ,
apache in 8010 port
<VirtualHost *:8010>
RailsEnv development
DocumentRoot /home/appserver/sampleapp/public
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from none
Allow from all
</Directory>
ProxyPreserveHost on
RequestHeader set X_FORWARDED_PROTO "https"
ProxyPass /images !
ProxyPass /stylesheets !
ProxyPass /javascripts !
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]
RewriteCond %{REQUEST_METHOD} !^(OPTIONS|GET|POST)$ [NC]
RewriteRule .* - [F,L]
</VirtualHost>
When I point my browser to "https://sampleapp/session/new"; I get the
login page that I expect. After giving the login credentials my site url
changes from https to http as (http://sampleapp/home) instead of staying
in (https://sampleapp/home). If i manually change the url to "https". It
stays fully in https .
The way in which i have written rewrite condition in app server and web
server is right?
Can anybody suggest me .
Please Help!
Sasi
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
