Does anybody have some working Apache mod_rewrite rules that enable Phusion Passenger (mod_rails) to use a non-default location for the page cache within a Rails application? I'd like the cached files to go in /public/cache rather than the default of /public.
I want to protect the login form of my blog application with an SSL certificate and I'd also like to have some subdomains set up for things like the Mint web stats package. Is this even possible using a non-wildcard certificate, e.g. the GoDaddy "Turbo" one that costs about $20? I don't really want to fork out for the cost of a wildcard certificate.
To be clear, the only place where I want to use SSL is within the main blog application and not on any of the subdomains. I think I read somewhere that you can't do this because if you're using SSL the Apache virtual hosts have to be configured to use IP addresses. I'd like to get a definitive answer on this.
Thanks.
Is there any standard or convention for where SSL certificates and associated private keys should go on the UNIX/Linux filesystem?
I have a Rails application served using Apache 2 and Phusion Passenger. As a security measure I'm trying to supress all server-related HTTP headers. I've successfully turned off the Apache ones, but I'm having trouble using mod_headers to supress the Passenger ones. I've enabled mod_headers using the a2enmod command and restarted the Apache process, but the X-Powered-By and X-Runtime headers still appear.
This is my vhost file:
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName example.com
ServerAlias www.example.com
DocumentRoot /home/deploy/public_html/railsapp/current/public
LogLevel warn
ErrorLog /home/deploy/public_html/railsapp/shared/log/error.log
CustomLog /home/deploy/public_html/railsapp/shared/log/access.log combined
# Suppress Phusion Passenger HTTP headers
<Location *>
<IfModule mod_headers.c>
Header unset X-Runtime
Header unset X-Powered-By
</IfModule>
</Location>
</VirtualHost>