Question

我正在开发一个电子商务网站。使用Ruby on Rails.Nginx作为Web服务器和独角兽用作应用程序服务器。在我的应用程序中，我想仅为支付页面实现ssl，仅适用于特定网址。我试着配置我的路。我正在使用gem 'rack-ssl-enforcer'。我在环境文件

中给出的gem配置如下

config.middleware.use Rack::SslEnforcer,
 :redirect_to => 'https://demo.domain.com',    # For when behind a proxy, like nginx
 :only => [/^\/payment\//],                      # Force SSL on everything behind /admin   and /authors
 :strict => true

我按照下面的说明配置我的nginx。我为常见的 http：// 提供了两个服务器块1，为 ssl（https：//）提供了一个服务器块。

upstream unicorn_domain {
 # This is the socket we configured in unicorn.rb
server unix:/home/ubuntu/root_path/tmp/sockets/unicorn.sock fail_timeout=30;
} 

server {
listen 80;
client_max_body_size 4G;
server_name demo.domain.com;

keepalive_timeout 5;

# Location of our static files
root /home/ubuntu/1DRecruit/root_path/public;
access_log /home/ubuntu/root_path/log/nginx/nginx.access.log;
location / {


  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Host $http_host;
  proxy_redirect off;

  # If you don't find the filename in the static files
  # Then request it from the unicorn server
  if (!-f $request_filename) {
    proxy_pass http://unicorn_domain;
    break;
  }

  if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)\?[0-9]+$") {
    expires max;
    break;
  }

}

}

 server {
    listen 443 ssl;
    client_max_body_size 4G;
    ssl                   on;
    ssl_certificate       /etc/nginx/ssl/example.com_chain.pem;
    ssl_certificate_key   /etc/nginx/ssl/example.com.key;
    ssl_protocols         SSLv3 TLSv1;
    ssl_ciphers           ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
    ssl_session_cache     shared:SSL:10m;


    keepalive_timeout 5;
# Location of our static files
    root /home/ubuntu/root_path/public;
   location / {
         proxy_set_header   X-Forwarded-Proto https;

}

}

在配置完成后，nginx在重新启动时没有显示任何错误，当我们访问网站时，它正在正确加载。但是，当我们转到付款页面时，网址会更改为 https：// ，但会显示并且nginx错误 404 Not found 。在获取nginx错误日志时，显示的错误是

[error] 2532#0: *1 open() "/home/ubuntu/root_path/public/payment/make_payment" failed (2: No such file or directory), client: 110.235.112.69, server: , request: "GET /payment/make_payment?id=9 HTTP/1.1", host: "demo.domain.com", referrer: "http://demo.domain.com/posters/home"

我正在使用startssl作为证书。我无法弄清楚问题所在。解决这个问题非常重要。任何人都可以帮我解决这个问题。

谢谢你，此致

Answer 1

您可以尝试以下内容：

/app/middlewares/force_ssl.rb

class ForceSSL
  def initialize(app)
    @app = app
  end

  def call(env)
    path = env["PATH_INFO"].to_s.squeeze("/")

    # only force ssl on billing related requests
    if path.match(/^\/installations\/\d+\/billing/) && env['HTTPS'] != 'on' && env['HTTP_X_FORWARDED_PROTO'] != 'https'
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^http:/, "https:") }, []]
    elsif !path.match(/^\/installations\/\d+\/billing/) && !path.match(/^\/facebook\//) && (env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https')
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^https:/, "http:") }, []]
    else
      @app.call(env)
    end
  end
end

我希望它适合你。让我知道

Rails：https：//用于特定的URL

1 个答案: