On Fri, Jul 6, 2012 at 4:44 PM, Jim S <[email protected]> wrote: > Thanks for that Richard. I took your advice and got it working with > Apache, mod_wsgi, mod_ssl, and redirection. > > I have it set now so all activity is forced to SSL and created my own > certificate. > > Easy step-by-step instructions for the cert creation I found here: > http://www.akadia.com/services/ssh_test_certificate.html > > Redirecting to SSL I found here: http://wiki.apache.org/httpd/RedirectSSL >
Yop! you and do it at Apache level or there is a new feature in the Admin that use router somehow to force HTTPS too. I didn't try it yet and it maybe even more sure you don't get no body get to HTTP at Apache level, but web2py start to be feature rich and it pretty nice. An other thing you can do now that you force HTTPS could be to make sure no one can connect to web2py Admin and Appadmin with this recipe : Search for : Securing sessions and *admin* * * *In this page :* * * *http://web2py.com/books/default/chapter/29/13* Sorry there is no anker I think... Anyway, if you need help with this just ask, I strungle a lot when I put that in place, but now I master it. But I am not sure you can do it easily under windows, since there is no easy way to get SSH. At least if you don't need to access admin and appadmin in the prod environnement you can just delete the parameters_443.py from web2py root folder or better just rename it so you can put it back in place when you need it. This way no body will be able to access admin and appadmin in your prod environnement, not even you except if you put back the file in place. The parameters_443.py file only contain the password (it's encrypted) that you give when starting web2py. Richard > > General Windows/Apache/SSL setup I found in the web2py book. > > Not being really strong on certificates or apache configuration, I found > these resources to be really helpful in getting the all running. > > -Jim > > > On Thursday, July 5, 2012 3:52:35 PM UTC-5, Richard wrote: > >> I would not use Rocket for sure for kind of production app... >> >> Apache works fine to me until now, but I plan to migrate to nginx soon >> when I will find a good tutorial and when I get time :) >> >> Richard >> >> On Thu, Jul 5, 2012 at 4:48 PM, Jim S wrote: >> >> Hi >>> >>> I'm deploying my app in a Windows environment. >>> >>> To answer the first obvious questions, it's because I have to connect to >>> an IBM AS/400 database and ODBC connection is really tough for me on Linux. >>> So the question could be - How do I connect to DB2/400 from ubuntu, but I >>> digress... >>> >>> I'd like to force all users to an HTTPS connection, about 75 total for >>> our in-house app. >>> >>> I'm thinking that a solution utilizing nginx would be preferable, but it >>> may be overkill for my user base. >>> >>> What is the best way to get this to happen? Can I configure the Rocket >>> web server to handle this, or would that be discouraged? >>> >>> Any thoughts/input would really be appreciated. >>> >>> -Jim >>> >> >>
