473,396 Members | 1,655 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > apache web server > questions > secure website on windows apache which overrides ruby proxy

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Secure website on Windows Apache which overrides Ruby proxy

Hi all,

First of all I will describe the setup and then ask the question.

I have created a test website which is running on Apache 2.2 on Windows and uses Ruby on Rails 1.8 ( this older version is a requirement, but I think irrelevant to this question ) for a couple of dynamic pages, the rest of the pages are static.

The main website runs in "C:/MyRubyWebsite" through Ruby on Rails with 2 pages, "profile" and "other1", having dynamic URL which are re-written to HTTPS protocol (please see the configuration at the end of the question). The rest of the pages are served as is, they are static.

The same root directory, "C:/MyRubyWebsite", also contains a subdirectory for a PHP website, which does not depend on Ruby on Rails, e.g. "C:/MyRubyWebsite/phpwebsite". The latter would be accessible by going to "http://www.rubywebsitedomain.com/phpwebsite".

Now is the actual question. I need the PHP website, which is independent on Ruby on Rails, to be served under HTTPS. Given all the configuration below that would seem to be straightforward, just type HTTPS in front of the php website url, but when I do that the URL is re-written back to regular HTTP, e.g. non-secure.

What can be done here to allow for having non-Ruby website to be served under HTTPS?

Thank you ahead.

---------------------------------------------------------

The following is the configuration of the virtual directories within the Apache config (ip addresses, domains, and directory names are fictional, but otherwise the configuration is accurate):

--------------------- Apache Config ---------------------
Expand|Select|Wrap|Line Numbers
  1. Listen 111.222.333.444:80
  2. Listen 111.222.333.444:443
  3.  
  4. AddType application/x-x509-ca-cert .crt
  5. AddType application/x-pkcs7-crl    .crl
  6.  
  7. SSLSessionCache        "shmcb:C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"
  8. SSLSessionCacheTimeout  300
  9.  
  10. SSLMutex default
  11.  
  12. RewriteEngine on
  13. RewriteCond %{REQUEST_METHOD} ^TRACE
  14. RewriteRule .* - [F]
  15.  
  16. ProxyRequests Off
  17. AllowCONNECT 443
  18.  
  19. <VirtualHost www.rubywebsitedomain.com:80>
  20.      ServerAdmin webmaster@rubywebsitedomain.com
  21.      DocumentRoot "C:/MyRubyWebsite"
  22.      ServerName www.rubywebsitedomain.com
  23.      ErrorLog "logs/rubywebsitedomain-err.log"
  24.      CustomLog "logs/rubywebsitedomain-cust.log"
  25.      ErrorDocument 503 /err503.html
  26.  
  27.      RewriteEngine on
  28.  
  29. # Configure mongrel instances to serve /info requests
  30.      <Proxy balancer://mongrel_cluster>
  31.          BalancerMember http://127.0.0.1:7771
  32.          BalancerMember http://127.0.0.1:7772
  33.      BalancerMember http://127.0.0.1:7773
  34.      BalancerMember http://127.0.0.1:7774
  35.      </Proxy>
  36.  
  37.    ProxyPass /info balancer://mongrel_cluster/info
  38.    ProxyPassReverse /info balancer://mongrel_cluster/info
  39.  
  40.    RewriteCond %{REQUEST_METHOD} ^TRACE
  41.    RewriteRule .* - [F]
  42.    RewriteRule ^$ /
  43.  
  44.    RewriteRule ^/profile/(.*) https://www.rubywebsitedomain/profile/($1) [R,L]
  45.    RewriteRule ^/other1/(.*) https://www.rubywebsitedomain/other1/($1) [R,L]
  46.  
  47. </VirtualHost>
  48.  
  49.  
  50. <VirtualHost www.rubywebsitedomain.com:443>
  51.      ServerAdmin webmaster@rubywebsitedomain.com
  52.      DocumentRoot "C:/MyRubyWebsite"
  53.      ServerName www.rubywebsitedomain.com
  54.      ErrorLog "logs/rubywebsitedomain-secure-err.log"
  55.      CustomLog "logs/rubywebsitedomain-secure-cust.log"
  56.      ErrorDocument 503 http://www.rubywebsitedomain.com/err503.html
  57.  
  58. # Configure mongrel instances to serve /info requests
  59.      <Proxy balancer://mongrel_cluster>
  60.          BalancerMember http://127.0.0.1:7771
  61.          BalancerMember http://127.0.0.1:7772
  62.      BalancerMember http://127.0.0.1:7773
  63.      BalancerMember http://127.0.0.1:7774
  64.      </Proxy>
  65.  
  66.    ProxyPass /info balancer://mongrel_cluster/info
  67.    ProxyPassReverse /info balancer://mongrel_cluster/info
  68.  
  69.    RewriteEngine on
  70.  
  71.    RewriteCond %{REQUEST_METHOD} ^TRACE
  72.    RewriteRule .* - [F]
  73.  
  74.    ErrorLog logs/your_app_error_log
  75.    CustomLog logs/your_access_log combined
  76.  
  77.    SSLEngine on
  78.    SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
  79.    SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/ssl/mycert.crt"
  80.    SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/ssl/mycert.key"
  81.    SSLCACertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/ssl/intercert.crt"
  82.  
  83.    <FilesMatch "\.(cgi|shtml|phtml|php)$">
  84.       SSLOptions +StdEnvVars
  85.    </FilesMatch>
  86.    <Directory "C:/Program Files/Apache Software   Foundation/Apache2.2/cgi-bin">
  87.       SSLOptions +StdEnvVars
  88.    </Directory>
  89.  
  90.    BrowserMatch ".*MSIE.*" \
  91.          nokeepalive ssl-unclean-shutdown \
  92.          downgrade-1.0 force-response-1.0
  93.  
  94.    CustomLog "C:/logs/sslrlog.log" \
  95.           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  96.  
  97. </VirtualHost>
  98.  
Feb 14 '12 #1
0 2427

Sign in to post your reply or Sign up for a free account.

Similar topics

2
Secure Website
by: Ashish Jassra | last post by:
This is regarding a project where we have to built a secure website (HTTPS). kindly let me know 1) how is developing a secure website (https) different from developing a normal site (http). ...
ASP / Active Server Pages
3
Access secure website
by: Sean Walsh | last post by:
I want to perform the following manual steps programatically. 1) I go to a secure website (https://secure.xxx.yyy) where I am prompted for a user name and password with windows authorization...
.NET Framework
2
logging into secure website with script
by: dpoehls | last post by:
Hello there, I am new to python, and shell scriping in general..I have done quite a bit of php, but that it about it. Anyhow, I am wondering if it would be possible to write a python script that...
Python
5
is PHP less secure than Perl, Python, or Ruby?
by: walterbyrd | last post by:
I honestly don't know. But, I have seen articles and posts about how PHP is terribly insecure. I don't usually see comparisons to other common web languages. I think the big vulnerablity is...
PHP
3
mhash functions for my windows apache development server
by: Paul Furman | last post by:
I'm trying to set up a web page for credit card transactions and baffled trying to find a download for mhash functions for my windows apache development server. The real server supports mhash but I...
PHP
2
Secure Website Slow on Internal network
by: yasmike | last post by:
I am having a problem with my secure website on our internal network. The secure website is hosted on our Windows 2000 Server running IIS 5.0. If you try and access the website from a browser from...
IIS / Internet Information Server
0
Website with TreeView works fine in development, but crashes in a 'secure' website on server.
by: Mufasa | last post by:
I have a website that I've developed with a treeview that works fine on the development environment. I then copy it to our production server and the tree view won't work. One of the things I did...
ASP.NET
6
Error after a few hours when using Apache as a proxy
by: dolittle | last post by:
Hi, I`m using Apache as a proxy using ProxyPass (I didn`t set ProxyTimeout), I have two test clients sending and receiving xml messages using xmlhttprequest to a jeti server through the Apache...
Apache Web Server
9
windows service (c#) through proxy
by: calinux | last post by:
hi i am developing a windows application (VS 2008 - .net 3.5) which is requesting some data from a server (XML) and depends by results it is doing something this application is using a UI for...
.NET Framework
4
Windows Authentication: Can't access secure website from server, but can from client
by: z1freeride | last post by:
Hi, I have a portion of my website that uses windows authentication. I am able to access that site through my computer. But when I remote into the server and try to access the website, I am unable...
IIS / Internet Information Server
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!