Force SSL using Thin - ruby-on-rails-3

I recently installed Thin on our server.
Now my customer asked me to implemet SSL on my whole application. So i've searched the web for a guide to implement SSL.
I've found this, which seems to be very easy.
I got my certificate and the key and i started up the server as shown. The Server starts up without any problems, but when somebody tries to connect i get this error message:
terminate called after throwing an instance of 'std::runtime_error'
what(): Encryption not available on this event-machine
Aborted
The Server stops and the browser shows a "Connection reset" Page.
I looked around and some people say that this has something to do with the libssl not being installed, so i looked inside the /usr - Folder and there she is.
Then i searched for other Solutions, but most of them seem to require Apache or Nginx, which is not an Option, sadly.
Any Ideas how to get Thin to work with SSL?
More Info to the System:
VHost Debian 6 x64
Rails 3.2.8
Ruby 1.8.7
Thin 1.4.1

Okay i fixed this issue by just doing an update.
I begged our admin to install RVM and finally he allowed me to do so, but the problem:
I've noticed some things by reading the patch notes of Ruby since 1.8.7.
It seemed that Ruby had some issues with SSL that were fixed with Ruby 1.9.x.
Now i am running Ruby 1.9.3 with Rails 3.2.8 and everything works fine!

Related

Meteor, MUP & Cloudflare causing redirect/refresh loop

I have a meteor webapp that has been around for a few years. It hasn't been updated particularly often and thus the version is little bit old (Meteor 1.6.1.4), however it runs locally without an issue and I currently have a version of it it deployed without issue on a Digital Ocean droplet with Mongo on AtlasDB and the DNS on Cloudflare.
However I've been running into an issue deploying updates with the Meteor Up (MUP) tool. On my production server when I run mup deploy with my latest code the deployment works and validates successfully, however the live site now loops on page load. The page completes the load (including a call to Stripe API front end library) and the images load and as soon as that has happened the same page is loaded again over and over. This happens on each page of the webapp. There are no errors logged in the console.
I'm almost sure this isn't a codebase issue as I have a staging version of this same app running on an identical spec droplet which I can deploy to without issue. The only difference between the production and staging is that the staging uses a LetsEncrypt cert generated by MUP and production uses a Cloudflare issued cert. I can't remember exactly the reason for this as it was the outcome of my last round of troubleshooting, which did result in a successful deployment. The LetsEncrypt configuration with MUP seemed to be problematic when I last set everything up. Either way there is no obvious good reason why this error should occur.
So I think that the issue is most likely something to do with Cloudflare, however I don't have many clues as to what. I've tried clearing the full cache after deploying. I cannot disable the Cloudflare proxy as I get unsecure error.
For my next steps I'm thinking of setting up another staging droplet but with Cloudflare in front in the same way, to see if I can get a non-critical replicable version of the same error. From there I'm not sure what I would do to debug and fix. I was also wondering if configuring a load balancer for this webapp might be smart at this moment, though if in an SSL passthrough I wonder if it would not solve the underlying issue. This would also not necessarily be answering this question but rather just avoiding it. I'm also considering trying to update the version of the Meteor app as far as I can to see if there is any chance that codebase is part of the issue.
Any suggestions?

HTTP/2 long timouts at HTTP_TRANSACTION_READ_HEADERS

The Issue:
I've recently been working enabling HTTP/2 for a large PHP+JS application (generally a Backbone-based SPA served by a PHP back-end). While most resources load fine, two requests are getting stuck in the "Stalled" state for exactly 5 minutes before resolving and downloading as normal.
The two request in question are a simple XMLHttpRequest to our back-end and a request for a Font Awesome font file. Other font files and back-end requests are loaded just fine, but these two will consistently hang up when HTTP/2 is enabled.
Debugging Information:
Here are the headers associated with the font file request listed in Chrome's dev tools:
...and here's the output from chrome://net-internals, with the hangup occurring at HTTP_TRANSACTION_READ_HEADERS (see the dt of almost 30000ms):
Further Details:
This application is served using a build of apache2 that includes the mod_http2 module rather than the standard version of apache2 that is packaged with Ubuntu. The same behavior is reported in the latest versions of Firefox, Chrome, and Chrome beta on Ubuntu 16.04.
For the sake of local development, all SSL is being run through a self-signed OpenSSL certificate, generated with OpenSSL version 1.0.2j.
It should also be noted that all other successful requests are running through Backbone-related methods, which delegate to jQuery's $.ajax, where the failed XMLHttpRequest is using the native JS XMLHttpRequest Object.
Thanks for your help.
What version of Apache and mod_http2 are you using?
There's been a load of fixes for this sort of thing and Apache 2.4.25 is about to be released including those fixes, so suggest you upgrade to that when it comes out in next day or two and try again.
Alternatively, if you don't want to wait, you can try updating mod_http2 independently by doing the following (assuming Apache is installed in /usr/local/apache2/ but adjust that as appropriate):
#Download and install mod_http2 outside of a regular Apache release
#Latest version is here: https://github.com/icing/mod_h2/releases/
wget https://github.com/icing/mod_h2/releases/download/v1.8.3/mod_http2-1.8.3.tar.gz
tar -zxvf mod_http2-1.8.3.tar.gz
cd mod_http2-1.8.3
./configure --with-apxs=/usr/local/apache2/bin/apxs
make
sudo make install
Then restart Apache and confirm from error log that you are running mod_http2-1.8.3.
If that doesn't work then raise an issue here: https://github.com/icing/mod_h2/ as the mod_http2 developer (#icing) is very responsive to issues. Assuming this is an Apache bug of course.

Mod_Spdy not running on Centos

I'm setting up Apache on Centos the way I have done in the past, but for some reason mod_spdy is not running. I'm following the instructions here:
https://developers.google.com/speed/spdy/mod_spdy/
When I run rpm -U mod-spdy-beta_current_x86_64.rpm I get this message:
warning: mod-spdy-beta_current_x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 7fac5991: NOKEY
package mod-spdy-beta-0.9.4.3-420.x86_64 is already installed
If I open chrome://net-internals/#spdy and my site in another tab, it doesn't show my site. If I look in the network panel, I don't see the x-mod-spdy header.
Update: If I use Firefox firebug, I see the x-mod-spdy header. I don't see my site in Chrome spdy sessions, but I see other sites in it.
What could I be doing wrong?
Ok it seems the issue is that Chrome 40.x dropped support for SPDY/3 and only supports SPDY/3.1, but the mod_spdy module for Apache only supports SPDY/3, so basically no SPDY for Chrome users if you use Apache as a web server.
mod_spdy is currently in a bad state where either Google nor Apache is maintaining it after Google donated it to the Asf. Google recently made the statement that they will drop the SPDY support from Chrome in early 2016, but what they forgot to say that they started dropping older versions of SPDY already (including SPDY/3) (I like these partially true statements by the way), so basically if you are on Apache then for your Chrome users you can't provide SPDY short of implementing SPDY/3.1 yourself.
So, how was that "do no evil"? :-)
See details: https://groups.google.com/forum/#!topic/mod-spdy-discuss/FPEj0zG5I0Y
and https://code.google.com/p/mod-spdy/issues/detail?id=100&colspec=ID%20Type%20Status%20Priority%20Owner%20Summary%20Stars
One option you might consider is switching to Nginx and using SPDY/3.1 over there.

Apache server wont start - MAMP

I'm very new to MAMP, when I first installed MAMP the Apache server and mySQL were working fine.
Then I stupidly deleted my root user on the database, and I couldn't access the mySQLadmin screen.
So I uninstalled MAMP and reinstalled, but now the Apache server isn't working.
Anyone got suggestions, for example what logs I should look at? I've researched a few solutions but im pretty confused
I had this exact problem.
Make sure you remove all files from /applications/mamp before reinstalling MAMP! If this doesn't work, it's possible you messed something else up, so you can try installing XAMPP, which offers just about the same functionality as MAMP.

localhost server not responding for middleman development environment

I am running Mountain Lion, none RVM managed.
I have attempted:
middleman server -p 4567 -e development
middleman server
and
bundle exec middleman server
I've tried various combinations with templates, removed the install and started over several times.
Everything seems to run just find and middleman is standing watch, etc. I then navigate to http://localhost:4567/ (when applicable) and the browser always says that it cannot connect to the server "localhost"
the problem persists across two environments with dropbox sinking the source files between the two. Maybe I'm doing something wrong but I can't figure out any other steps from the docs and I've tried to connect to the official user forum but repeated "resends" of the confirmation e-mail don't work for two different accounts. Yah, it's been one of those development days...
Thanks for any help!
Ok, for some reason localhost is getting grabbed up on my computer. switching to 0.0.0.0:4500 solves it.