steam locomotive (photo by benedeki)If you are using Apache and SSL as a proxy front-end for your Ruby on Rails application, you might have a problem with redirects if the backend server (Mongrel, for example) does not use SSL.

In a nutshell, you'll discover that redirects are sent to a non-SSL URL (noticeably lacking an s in http://). This is almost certainly not what you want, and will likely break if your firewall is configured to only allow SSL traffic on TCP port 443.

The solution is a quick one line addition in your Apache configuration file.

RequestHeader set X_FORWARDED_PROTO 'https'

When Rails sees this header in a request, it automatically creates all redirect URLs with the necessary https:// to ensure that everything goes where it should.

Photo by István Benedek.