Apache, SSL, Rails and a Broken Redirect

steam locomotive (photo by benedeki)If you are using Apache and <acronym title="Secure Sockets Layer">SSL</acronym> as a proxy front-end for your Ruby on Rails application, you might have a problem with redirects if the backend server (Mongrel, for example) does not use SSL.

In a nutshell, you'll discover that redirects are sent to a non-SSL <acronym title="Uniform Resource Locator">URL</acronym> (noticeably lacking an s in http://). This is almost certainly not what you want, and will likely break if your firewall is configured to only allow SSL traffic on <acronym title="Transmission Control Protocol">TCP</acronym> port 443.

The solution is a quick one line addition in your Apache configuration file.

RequestHeader set X_FORWARDED_PROTO 'https'

When Rails sees this header in a request, it automatically creates all redirect URLs with the necessary https:// to ensure that everything goes where it should.

Photo by István Benedek.

My Bookshelf

Reading Now

Other Stuff