Forum: Rails deployment pasenger,rails-2.3.8,apache 2.2.21

F16b71baaad2a57e4195336eae2b4c49?d=identicon&s=25 Sasidaran S. (sasidaran_s)
on 2011-10-10 14:21
Hello,

I am configuring apache 2.2 to serve my rails app through passenger. Im
trying to host in 3 tier architecture.Making web server alone in https ,
app server code is placed running in http.First, I'm redirect all http
traffic to https with the following:


This is my web server apache conf file.

ServerName sampleapp

NameVirtualHost *:80
<VirtualHost *:80>
 Options FollowSymLinks
  RewriteEngine On
  RewriteCond %{SERVER_PORT} !^443$
  RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</VirtualHost>

Inside the <VirtualHost *:443> section, I have the following
configuration, which seems extremely standard:
   <Directory />
      Options FollowSymLinks
      AllowOverride None
      Order deny,allow
      Deny from none
      Allow from all
   </Directory>
ProxyPreserveHost on


ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"
SSLEngine on


<Proxy balancer://hotcluster>
BalancerMember http://appserver:8010/
</Proxy>

ProxyPass / balancer://hotcluster/
ProxyPassReverse / balancer://hotcluster/

SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL


SSLCertificateKeyFile "/home/sasi/test.key"

SSLCACertificateFile "/home/sasi/test.cer"

SSLCertificateChainFile "/home/sasi/test1.cer"

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog "/usr/local/apache2/logs/ssl_request_log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


RequestHeader set X_FORWARDED_PROTO "https"

RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R]


    ProxyRequests Off
    <Proxy *>
        Order Allow,Deny
        Allow from all
        AuthType Basic
        AuthName Transmission
        AuthUserFile /etc/apache2/users
#        Require user me
    </Proxy>
</Virtualhost>



In my app server i point my application which runs with passenger ,
apache in 8010 port

<VirtualHost *:8010>
  RailsEnv development
  DocumentRoot /home/appserver/sampleapp/public

  <Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from none
    Allow from all
  </Directory>
  ProxyPreserveHost on

  RequestHeader set X_FORWARDED_PROTO "https"

  ProxyPass /images !
  ProxyPass /stylesheets !
  ProxyPass /javascripts !

  RewriteEngine on
  RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
  RewriteRule ^(.*)$ - [F,L]

  RewriteCond %{REQUEST_METHOD} !^(OPTIONS|GET|POST)$ [NC]
  RewriteRule .* - [F,L]


</VirtualHost>



When I point my browser to "https://sampleapp/session/new" I get the
login page that I expect. After giving the login credentials my site url
changes from https to http as (http://sampleapp/home) instead of staying
in (https://sampleapp/home). If i manually change the url to "https". It
stays fully in https .

The way in which i have written rewrite condition in app server and web
server is right?

Can anybody suggest me .

Please Help!

Sasi
Ec318718bab37977e3860f535b87350b?d=identicon&s=25 Steve Morrissey (uberamd)
on 2012-08-20 17:10
I'd put this in your <VirtualHost *:80> block instead of redirecting
based on port:

   # ssl redirect for any URL
   RewriteCond %{SERVER_PROTOCOL}        !^HTTPS
   RewriteRule (.*)                https://%{HTTP_HOST}$1      [R]
This topic is locked and can not be replied to.