Daniel
Reputation: 4173
What is the best and easiest setup for enforcing SSL within an entire rails app?
I'm looking for a fast and maintainable setup of enforcing SSL in production mode.
Are there any gems for that or what is the best practice here? And what is the easiest way to test this in development?
The app is hosted on Heroku with the SSL-Addon.
Upvotes: 0
Views: 50
Answers (1)
lipanski
Reputation: 1763
In your environments/production.rb (and / or development.rb) add the following config:
config.force_ssl = true
This will force app-wide redirects to https whenever an unsecure URL was requested.
If you want to test this in development, you should set up a self-signed certificate for your local domain (localhost or my.local or whatever). For apache you can try something like this, for ngnix something like this.
Upvotes: 3
Related Questions
- How to get SSL working on Rails app with Heroku?
- Simplest method of enforcing HTTPS for Heroku Ruby Sinatra app
- Cheap SSL certification for an app hosted on Heroku
- How can I avoid an SSL error on a Heroku-hosted site (built with Rails) without paying for an SSL certificate
- Rails SSL Local
- SSL configuration
- Configuring SSL for an App Heroku HTTPS
- need a crash course in HTTPS / SSL for Rails
- A workaround for SSL on Heroku
- rails 3 - Securing an app with SSL