Hello. I am very interested in getting rb to run behind Apache as rb dose not natively support https traffic. I have not seen a good guide or instructions on how to set this up.
I am not really familiar with the settings in Apache so the more detail the better.
Check out the code wiki at http://smbisoft.com[br]The code wiki allows for multiple users to work on the same project at the same time in just basic.[br][br]SMBISoft ____888-LAN-Zoli _____ 888-526-9654
Post by stormforce5 on Jan 25, 2013 10:21:36 GMT -5
It was a while ago when I did it.... but here goes...
My RB server is behind apache on both 80 and 443 ports, http & https port 80 and 443 are oprt forwarded to this server from my adsl router (which has a static ip) I have a domain registered against this IP
1. move RB server to port 81 (reconfigure it to tcp:81) dont forget to open the firewall on that port 2. install apache edit httpd.conf file in conf folder
ensure LoadModule ssl_module modules/mod_ssl.so is loaded for SSL support later ensure you are listening on port 80....
ie, Listen 192.168.10.3:80
I set apache to be a proxy for RB on http and https
settings I used are in httpd.conf file at bottom was my RB pc is named webserver on 192.168.10.3
<VirtualHost _default_:80> ProxyVia on RequestHeader set Front-End-Https "On" ProxyRequests off proxypass /echo http://webserver/restricted.html ProxyPass / http://webserver:81/ ProxyPassReverse / http://webserver:81/ #above works correctly </VirtualHost>
you will need to do also the same thing again in the httpd-ssl.conf file in conf/extra folder
but change above bits for 443 (https/ssl) ie,
<VirtualHost _default_:443> ProxyVia on RequestHeader set Front-End-Https "On" ProxyRequests off proxypass /echo http://webserver/restricted.html ProxyPass / http://webserver:443/ ProxyPassReverse / http://webserver:443/ #above works correctly </VirtualHost>
Once you've done this, you will need to read up on how to get a SSL certificate with apache... using openssl (I think)... I used comodo which was quite cheap. this basically works by creating a server key file from the apcache server, you upload this key to comodo or whoever you use for the certificate and then generate a new key file which you have to put on your apache server... as I say best you look that bit up on the web... (I cant remember it too well now)
also once you've done all this suggest you use put some good security on this site... and use www.ssllabs.com/ssltest/ to do a test on your site to ensure its fairly tight..
the above is assuming your opening up your site to the internet.