Ping a Specific Port

Question

jcollum

Asked: 2012-03-03 10:29:07 +0800 CST2012-03-03 10:29:07 +0800 CST 2012-03-03 10:29:07 +0800 CST

how should I force certain paths to use https?

772

Related: Add www to non-www address with ssl

I'm working with a Rails app and having a ton of issues getting SSL for certain routes to work. I thought I'd instead just do a brute force approach and solve this in nginx config... fewer moving parts involved, more certain to work is my thinking.

For example, let's say I have a path that looks like 'http://mysite.com/users/sign_in'. Would I force that path to use SSL like so?

location / {
      rewrite  ^http://(.*)(/users/sign_in/)(.*)$  https://$1$2$3 permanent;
    }

Can anyone recommend a good resource for doing this sort of https/http redirection in nginx?

1 Answers

Voted

Shish · Answer 1 · 2012-03-03T12:44:28+08:00

Shish

2012-03-03T12:44:28+08:002012-03-03T12:44:28+08:00

Not an answer to your question, but an answer to your problem: Only encrypting the login page is almost as dangerous as not encrypting anything. If security is important, encrypt everything -- http://codebutler.com/firesheep

3

how should I force certain paths to use https?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?