ibgib
Proper way to enforce https only?
I’m currently in the process of deploying ibgib, and I just finished configuring my DNS
.
Now I’m trying to set up https redirection so that (http://)www.ibgib.com will automatically redirect to https://www.ibgib.com. What is the “proper” way to implement this?
I know of the force_ssl option in the endpoint configuration, which I’ve tried turning on (with hsts: true), however this does not seem to do the redirect. But this could be that I do not have my docker setup properly configured. Is setting this supposed to do the redirect? Or am I supposed to accomplish this another way, perhaps with nginx? And if nginx is the way to go, could I then completely remove the http config setting from my endpoint config? ![]()
Additional Background
I’m currently using distillery to produce a release and then docker (engine, compose, machine) with a “simple” setup of my release container + a postgres container deployed to aws ec2. My full-ish (foolish?
) ongoing deployment notes can be found in my deploy issue for anyone else looking to go elixir + docker + aws.
Most Liked
josevalim
Set :force_ssl in your config/prod.exs and not config/releases.exs, as it is read at compile time. More recent Phoenix versions actually warn if you do this mistake.
josevalim
FWIW, in my experience Plug.SSL, which is what Phoenix uses behind the scenes for force_ssl: [hsts: true], works fine.
logicmason
It’s not working for me either. I’ve tried both what was in the phoenix guides and force_ssl: [hsts: true] and read the docs for Plug.SSL without seeing any clear reason it’s not working.
If I type in 应用宝官网-全网最新最热手机应用游戏下载, it loads with https. If I type 应用宝官网-全网最新最热手机应用游戏下载, it loads without. What I want is for the https route to load, even if the user doesn’t type https into the location bar of their browser.
I’m not using a proxy. It’s just a normal install of phoenix.
Here’s my prod.exs config:
config :myapp, Myapp.Endpoint,
server: true,
url: [scheme: "https", host: "myapp.com", port: 443],
http: [compress: true, port: 80],
https: [compress: true, port: 443,
force_ssl: [hsts: true],
otp_app: :myapp,
keyfile: "/etc/letsencrypt/live/myapp.com/privkey.pem",
certfile: "/etc/letsencrypt/live/myapp.com/cert.pem"],
cache_static_manifest: "priv/static/manifest.json"
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #elixirconf-us
- #advent-of-code
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #hex









