I have a rails 3 app hosted on heroku which contains sensitive data which is why i want to implement SSL. The info I learned 开发者_运维问答from google searching doesn't exactly match my use case as I want to SSL the entire site. I'd like your help understanding the following.
Is there a simple way to force all app requests to use SSL? I want the landing page to even have SSL as the landing page has a sign in form. It seems like it'd be a lot simpler to SSL everything than select SSL on a per page basis. That being said, do I need a gem for this?
Thank you
Look for a Rack middleware that accomplishes this.
- https://github.com/tobmatth/rack-ssl-enforcer
I found this post today which is updated and looks like a good solution: http://www.simonecarletti.com/blog/2011/05/configuring-rails-3-https-ssl/
I am using SSL Enforcer with Heroku and it works great. However, I had a lot of trouble setting up SSL on my dev machine (Ubuntu 11.04).
First, Webrick did not work with SSL, so I found a hack which worked for a while. But then I had a weird javascript and Google Visualization API problem with it.
Now I installed Thin (which was easy), but it is not working with SSL Enforcer.
If you have the time to install and configure Apache, SSL will work. But I don't think Heroku uses Apache, so that's not so good...
I can see why people don't want to figure out how to run SSL on their local machine...maybe it's not worth it if you have a staging or QA server that does run SSL.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论