1

Web 主机:Bluehost
SSL:通配符 SSL
Rails:v4
Ruby:v2
开发域:dev.mydomain.com
专业域:www.mydomain.com

我正在尝试测试https://连接。我只在开发应用程序中修改了我的 rails 应用程序和我的 apache .htaccess 文件。我遇到了几个问题,我认为这两个问题都是因为第一个问题:

1)最大的问题:使用http://dev.mydomain.com/whatever时,一切都按预期工作。但是,当使用https://dev.mydomain.com/whatever时,它会在生产模式下运行!即使域是 dev.mydomain.com,rails 应用程序也在生产模式下运行。正在提供预编译的资产......但问题是,这些文件实际上并不存在于开发应用程序目录中。它们仅存在于生产应用程序目录中(完全独立)。这意味着即使 URL 指向 dev.mydomain.com/whatever,所有内容实际上都在通过 mydomain.com/whatever 运行......并且我的 rails 应用程序的生产应用程序正在运行。这到底是为什么?!

2) 在我的 .htaccess 文件中,我尝试使用以下命令强制 SSL 连接:

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "dev.mydomain.com"
ErrorDocument 403 https://dev.mydomain.com

但是,即使我已经正确设置了 Apache 授权参数,它也不再提示我输入登录/密码组合。我相信这是因为当使用 SSL 时,实际使用的目录根本不是开发文件夹(参见第一个问题)。

这是 Apache 配置错误吗?我没有对 httpd.conf 做任何事情,我的虚拟主机自动设置了 SSL 证书。

编辑:“完整”.htaccess 代码...

#SSLOptions +StrictRequire
#SSLRequireSSL
#SSLRequire %{HTTP_HOST} eq "dev.mydomain.com"
#ErrorDocument 403 https://dev.mydomain.com

#AuthUserFile "/home/account/.htpasswds/htuser"
#AuthGroupFile "/home/account/.htpasswds/htgroup"
#AuthName "Login Required"
#AuthType Basic
#require group owners administrators


# General Apache options
Options -Indexes
Options -MultiViews
Options +SymLinksIfOwnerMatch +ExecCGI
SetEnv TZ Canada/Eastern
Header unset ETag
FileETag None
AddDefaultCharset UTF-8
DefaultLanguage en


# Compress output
AddOutputFilterByType DEFLATE text/html text/plain text/css text/js text/javascript application/javascript application/xml text/xml image/gif image/jpeg image/jpg image/png image/vnd.microsoft.icon image/x-icon application/vnd.ms-fontobject font/ttf font/otf image/svg+xml




# User added MIME types
AddType video/x-flv .flv
AddType video/mp4 .m4v .mp4 .f4v
AddType video/ogg .ogv
AddType audio/ogg .oga
AddType image/jpeg .jpeg .jpg .jpe
AddType image/svg+xml .svg .svgz
AddType application/vnd.ms-fontobject .eot
AddType font/otf .otf
AddType font/ttf .ttf


# Set Expires info
ExpiresActive On
ExpiresByType image/gif "access plus 365 days"
ExpiresByType image/jpeg "access plus 365 days"
ExpiresByType image/png "access plus 365 days"
ExpiresByType image/x-icon "access plus 365 days"
ExpiresByType application/x-shockwave-flash "access plus 365 days"
ExpiresByType application/x-javascript "access plus 365 days"
ExpiresByType application/javascript "access plus 365 days"
ExpiresByType text/css "access plus 365 days"
ExpiresByType text/html "access plus 1 day"




RewriteEngine On
RewriteBase /


# Temporarily down for maintenance!
#RewriteCond %{HTTP:X-FORWARDED-FOR} !^xxx\.xxx\.xxx\.xxx
#RewriteCond %{REQUEST_URI} !\.(css|gif|ico|jpg|js|png|swf|txt)$
#RewriteRule .* - [R=503,L]


# Reroute all requests on dev site to https
#RewriteCond %{HTTPS} off
#RewriteCond %{HTTP_HOST} ^dev.mydomain.com$
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}



PassengerEnabled on
PassengerResolveSymlinksInDocumentRoot on
RailsEnv development
RailsBaseURI /
PassengerAppRoot /home/account/rails_apps/dev.MyDomain


ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"
# Start CloudFlare:mydomain.com rewrite. Do not Edit 
RewriteEngine On 
RewriteCond %{HTTP_HOST} ^mydomain.com 
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] 
# End CloudFlare rewrite.
4

1 回答 1

0

数字...我花了几天时间寻找这个问题,并在与 Bluehost 的技术支持联系之前几秒钟就找到了解决方案。

http://www.crsr.net/Notes/Apache-HTTPS-virtual-host.html

我需要在 httpd.conf 中为我的 Apache 配置添加一个 VirtualHost 条目。Bluehost 在安装 SSL 证书时已经自动生成了一个,但 dev.mydomain.com 没有一个

<VirtualHost xxx.xxx.xxx.xxx:443>
    ServerName dev.mydomain.com
    ServerAlias www.dev.mydomain.com
    DocumentRoot /home/account/public_html/subdomains/dev
    ServerAdmin webmaster@mydomain.com
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/dev.mydomain.com combined
    CustomLog /usr/local/apache/domlogs/dev.mydomain.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    ## User account # Needed for Cpanel::ApacheConf
    UserDir enabled account
    <IfModule mod_suphp.c>
        suPHP_UserGroup account account
    </IfModule>
    <IfModule !mod_disable_suexec.c>
        <IfModule !mod_ruid2.c>
            SuexecUserGroup account account
        </IfModule>
    </IfModule>
    <IfModule mod_ruid2.c>
        RUidGid account account
    </IfModule>
    ScriptAlias /cgi-bin/ /home/account/public_html/subdomains/dev/cgi-bin/
    SSLEngine on

    SSLCertificateFile /var/cpanel/ssl/installed/certs/_wildcard__mydomain_com_[blah-blah-blah].crt
    SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/[blah-blah-blah].key
    SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/COMODO_CA_Limited_[blah-blah-blah].cabundle
    CustomLog /usr/local/apache/domlogs/dev.mydomain.com-ssl_log combined
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    <Directory "/home/account/public_html/subdomains/dev/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>

    # To customize this VirtualHost use an include file at the following location
    # Include "/usr/local/apache/conf/userdata/ssl/2/account/mydomain.com/*.conf"

</VirtualHost>
于 2013-10-24T13:50:30.547 回答