Hello,
I need protect a rails application. I have the application in a
virtual host(see below) in their configuration I used Auth* directives
but don’t work fine.It ask for the user/pass but If I cancel it show the
page without images, css, … (all hosted in public directory).
How I can protect all my application?
Thanks!
=======================
virtual host config file:
<Proxy balancer://foobar_cluster>
BalancerMember http://127.0.0.1:7995
Setup the VirtualHost for your Rails application
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName foobar.com
ServerAlias *.foobar.com
DocumentRoot /home/foobar/current/public
<Directory ‘/home/foobar/current/public’>
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AuthType Basic
AuthName "Realm..."
AuthUserFile /usr/local/apache2/conf/.passwd_web
Require valid-user
Not supported on Mac OS X.
EnableSendfile On
Allow Rails to delegate the service of static resources.
XSendFile on
XSendFileAllowAbove on
Setup your Rewrite rules here
RewriteEngine On
This rewrites all dynamic requests to /system/maintenance.html if
that
file exists, this file is created by Capistrano’s disable task.
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /system/maintenance.html [L]
Rewrite to check for Rails cached page, we don’t use caches at this
moment
RewriteRule ^([^.]+)$ $1.html [QSA]
Redirect all non-static requests to the cluster.
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://foobar_cluster%{REQUEST_URI} [P,QSA,L]
Compress common non-binary content.
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
application/x-javascript
Error logs
ErrorLog “|/usr/local/apache2/bin/rotatelogs
/usr/local/apache2/logs/foobar_error_log_%Y%m%d 86400”
CustomLog “|/usr/local/apache2/bin/rotatelogs
/usr/local/apache2/logs/foobar_access_log_%Y%m%d 86400” combined
env=!dontlog
#Fix for Apache bug 39499
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1