In the rails application, if we need to forward all non-SSL traffic to SSL traffic we can use below virtual host entry.

By default, rewrite module needs to be enabled in Apache configuration with valid SSL certificates including Chain file.

<VirtualHost *:80>
ServerName mydomain.com
ServerAlias files.mydomain.com
ServerAdmin admin@mydomain.com
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTP:XForwardedProto} !=https
RewriteCond %{REQUEST_URI} !^/health_check
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
ErrorLog /var/log/apache2/errors.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
SetEnv RAILS_ENV production
<Directory /var/www/html
Allow from all
Options MultiViews
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName mydomain.com
ServerAlias files.mydomain.com
ServerAdmin admin@mydomain.com
DocumentRoot /var/www/html
ErrorLog /var/log/apache2/errors.log
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
SSLEngine on
BrowserMatch “MSIE [2-6]” nokeepalive ssluncleanshutdown downgrade1.0 forceresponse1.0
BrowserMatch “MSIE [17-9]” ssluncleanshutdown
# the following ssl certificate files are generated for you from the ssl-cert package.
SSLCertificateFile /etc/apache2/ssl/ssl_certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/ssl_certificatebundle.crt
SetEnv RAILS_ENV production
<Directory /var/www/html>
Allow from all
Options MultiViews
</Directory>
</VirtualHost>

Above VirtualHost entry will forward all non-SSL to SSL.

LEAVE A REPLY

Please enter your comment!
Please enter your name here