1

我正在开发一个电子商务网站。在 Ruby on Rails 上工作。Nginx 用作 Web 服务器,独角兽用作应用程序服务器。在我的应用程序中,我只想为支付页面实现 ssl,这意味着只针对特定的 url。我试图配置我的方式。我正在使用 gem 'rack-ssl-enforcer'。我在环境文件中给出的gem配置如下

config.middleware.use Rack::SslEnforcer,
 :redirect_to => 'https://demo.domain.com',    # For when behind a proxy, like nginx
 :only => [/^\/payment\//],                      # Force SSL on everything behind /admin   and /authors
 :strict => true

我配置我的 nginx,如下所示。我提供了两个服务器块,一个用于通用http://,一个用于ssl(https://)

upstream unicorn_domain {
 # This is the socket we configured in unicorn.rb
server unix:/home/ubuntu/root_path/tmp/sockets/unicorn.sock fail_timeout=30;
} 

server {
listen 80;
client_max_body_size 4G;
server_name demo.domain.com;

keepalive_timeout 5;

# Location of our static files
root /home/ubuntu/1DRecruit/root_path/public;
access_log /home/ubuntu/root_path/log/nginx/nginx.access.log;
location / {


  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Host $http_host;
  proxy_redirect off;

  # If you don't find the filename in the static files
  # Then request it from the unicorn server
  if (!-f $request_filename) {
    proxy_pass http://unicorn_domain;
    break;
  }

  if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)\?[0-9]+$") {
    expires max;
    break;
  }

}

}

 server {
    listen 443 ssl;
    client_max_body_size 4G;
    ssl                   on;
    ssl_certificate       /etc/nginx/ssl/example.com_chain.pem;
    ssl_certificate_key   /etc/nginx/ssl/example.com.key;
    ssl_protocols         SSLv3 TLSv1;
    ssl_ciphers           ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
    ssl_session_cache     shared:SSL:10m;


    keepalive_timeout 5;
# Location of our static files
    root /home/ubuntu/root_path/public;
   location / {
         proxy_set_header   X-Forwarded-Proto https;

}

}

像这样配置后,nginx 在重新启动时没有显示任何错误,当我们获取站点时,它正在正确加载。但是当我们转到付款页面时,url 更改为https://但它显示 nginx 错误404 Not found。获取 nginx 错误日志时,显示的错误是

[error] 2532#0: *1 open() "/home/ubuntu/root_path/public/payment/make_payment" failed (2: No such file or directory), client: 110.235.112.69, server: , request: "GET /payment/make_payment?id=9 HTTP/1.1", host: "demo.domain.com", referrer: "http://demo.domain.com/posters/home"

我正在使用startssl作为证书。我无法弄清楚问题所在。解决问题非常重要。任何人都可以在这个问题上帮助我。

谢谢,问候

4

1 回答 1

0

您可以尝试以下方法:

/app/middlewares/force_ssl.rb

class ForceSSL
  def initialize(app)
    @app = app
  end

  def call(env)
    path = env["PATH_INFO"].to_s.squeeze("/")

    # only force ssl on billing related requests
    if path.match(/^\/installations\/\d+\/billing/) && env['HTTPS'] != 'on' && env['HTTP_X_FORWARDED_PROTO'] != 'https'
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^http:/, "https:") }, []]
    elsif !path.match(/^\/installations\/\d+\/billing/) && !path.match(/^\/facebook\//) && (env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https')
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^https:/, "http:") }, []]
    else
      @app.call(env)
    end
  end
end

我希望这个对你有用。让我知道

于 2013-05-08T14:56:18.983 回答