Enforce HTTPS out of the box

fbrusatti · May 15, 2013 · 954f679 · 954f679
1 parent d74df91
commit 954f679
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -40,7 +40,7 @@ Several Capistrano recipes are provided out of the box, mostly taken from [Rails
 1. Edit the `:repository` in `config/deploy.rb` to point to your own repository.
 2. Change the hostnames in `config/deploy/{production,staging}.rb` to match your servers.
 3. If you use a special branch naming scheme in your git workflow, you may also want to change the default `:branch` settings in `config/deploy/{production,staging}.rb`. The default is to deploy production from `master` and staging from `development`.
-4. The nginx recipe assumes your app will support https. Ensure you have your SSL certificate and private key installed on your server in `/etc/ssl`. See `config/recipes/templates/nginx_unicorn.erb` the file names that are expected.
+4. This starter assumes your app will enforce HTTPS at all times. Ensure you have your SSL certificate and private key installed on your server in `/etc/ssl`. See `config/recipes/templates/nginx_unicorn.erb` the file names that are expected.
 4. Review all files in `config/recipes` and `config/recipes/templates` to understand exactly what files and packages will be installed on your servers! Most likely there at least one or two practices that you will disagree with.
 
 Now to deploy to a brand new staging environment, these steps should work:

diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -28,7 +28,7 @@
   config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  # config.force_ssl = true
+  config.force_ssl = true
 
   # See everything in the log (default is :info)
   # config.log_level = :debug
@@ -58,7 +58,7 @@
   config.action_mailer.raise_delivery_errors = true
   config.action_mailer.default_url_options = {
     host: 'rails-starter.com',
-    protocol: 'http' # or 'https' for a secured app
+    protocol: 'https'
   }
 
   # Enable threaded mode

diff --git a/config/environments/staging.rb b/config/environments/staging.rb
@@ -7,6 +7,6 @@
 
   config.action_mailer.default_url_options = {
     host: 'staging.rails-starter.com',
-    protocol: 'http' # or 'https' for a secured app
+    protocol: 'https'
   }
 end