I am running a web application is AWS. I have a load balanced environment set up in Elastic Beanstalk and i have attached a certificate to that for HTTPS.
When i access the homepage URL, HTTPS works absolutely fine. The issue i have is when i add something to the URL such as /login then HTTPS just refuses to work and only HTTP will work.
It seems that it worked fine when it was using the sample application. However when i have uploaded my files to the environment it has the issue.
I am running a FuelPHP application. Does anyone know a fix for this, is it to do with my htaccess?
For anyone with a similar issue, it was Fuel PHP which was the issue. There is a setting under fuel/app/config/config.php to allow HTTP requests. Uncomment the following line:
'allow_x_headers' => true,
Related
I'm developing a web app using Next.js that is, in the end, served by a custom Express.js server. I'm trying to deploy this app on EC2 and access it but I'm getting ERR_CONNECTION_REFUSED errors.
I'm accessing the app over HTTP using the public DNS of my instance (http://ec2-PUBLIC_IPV4_ADDRESS.compute-1.amazonaws.com/) which works fine, the index.html then needs to load other files (e.g.: .js or .css files), but tried to load them over HTTPS (https://ec2-PUBLIC_IPV4_ADDRESS.compute-1.amazonaws.com/style.css). In the network tab of the developer tool of Chrome, I get one request that is succesful and other assets that fail with net::ERR_CONNECTION_REFUSED.
I was wondering if there is a config either on my EC2 instance, on my Express server or even on Next.js that needs to be modified to make sure that the connection is not upgraded to HTTPS.
I would prefer to find a solution that doesn't involve setting up a domain for early testing purposes.
Thanks in advance.
I'll try to explain my problem the best that I can. I have a Flask app using blueprints with subdomains for redirecting to versions of the same site with different languages.
es.my_site -> spanish version.
en.my_site -> english version. and so on.
The app is working locally, defining:
application.config['SERVER_NAME'] = my_site.com:5000 in application.py
and adding 127.0.0.1 my_site.com:5000, 127.0.0.1 en.my_site.com:5000 and 127.0.0.1 es.my_site.com:5000 to /etc/hosts.
My problem starts when trying to deploy the app to aws beanstalk.
My first question is what to config in application.config['SERVER_NAME'], I've tried configuring the url that beanstalk gives me my_site-env.eba-******.us-west-2.elasticbeanstalk.com:5000, and this works, but only for routes that don't use blueprints.
When I try to access an url generated by the blueprint, the url_for() method is called multiple times until an error is thrown, each time adding the subdomain again to the url.
url_for() is called multiple times and redirect(url_for('endpoint')) never redirects to the correct endpoint.
Result of each successive call to url_for():
es.my_site-env.eba-******.us-west-2.elasticbeanstalk.com
es.es.my_site-env.eba-******.us-west-2.elasticbeanstalk.com
es.es.es.my_site-env.eba-******.us-west-2.elasticbeanstalk.com
es.es.es.es.my_site-env.eba-******.us-west-2.elasticbeanstalk.com
es.es.es.es.es.my_site-env.eba-******.us-west-2.elasticbeanstalk.com
This works fine locally, that's why I think this is related to a configuration in the Beanstalk server, my app configuration or something DNS related. But I'm not an expert in either Flask or AWS, so it could be something else.
Any help is really appreciated. Thank you.
I am working on a 2-player card game. The two client facing pages are hosted on Github pages and the node server is running on AWS.
Everything works fine when I view my client side pages locally, but when I try to open them on Github pages I get this error:
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ''. This request has been blocked; the content must be served over HTTPS.
So then I change the connection url to include https like this:
var socket = io.connect("https://ec2-18-191-142-129.us-east-2.compute.amazonaws.com:3000");
And I get this error:
index.js:83 GET https://ec2-18-191-142-129.us-east-2.compute.amazonaws.com:3000/socket.io/?EIO=3&transport=polling&t=N71Cs6c net::ERR_SSL_PROTOCOL_ERROR
Here are my security groups:
Do I need to do something with an SSL certificate? Is it even possible with my current setup as I don't have access to the domain I am hosting on (Github Pages). If it's not possible are there any online services I can host my client code on and get an SSL certificate, or do I have to buy a domain and hosting? Any help welcome, but please try to explain it because I am very new to all this. Thank you.
Ec2 doesn't support https like this ("out of the box").
There is several way of doing it, but I suggest you should create a application load balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html) and then configure https on it (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html).
Other solution can be using Cloudfront, or configure https directly on the instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html).
Hope that makes sense.
As mentioned by alcyon, changing from HTTP to HTTPS does not enable your application to run over HTTPS. There are many ways to achieve this. Checkout the detailed guide by AWS for your use-case at https://aws.amazon.com/premiumsupport/knowledge-center/configure-acm-certificates-ec2/ .
I have a PHP project up and running using AWS Elastic Beanstalk. I wanted to set a few things using .htaccess. Unfortunately I misspelled something, causing a configuration error of the Web site. After removing the .htaccess file again, the Web site was still not working. I tried redeploying the project, restarting the app server(s) and even rebuilding the entire Elastic Beanstalk environment without luck.
In the end, I created a new Elastic Beanstalk application, and then it worked fine. But now I've written something wrong in the .htaccess file again, the new application has stopped working, even though I have removed the erroneous .htaccess file.
What might be causing this issue? And how can I fix it?
Edit
I've checked the logs /var/log/httpd/access_log and /var/log/httpd/error_log, but they have not been updated since the Web site broke down.
The part of the .htaccess file that caused the issue turned out to be a permanent redirect (301) from http to https. But https was not yet set up on the server, and hence the request failed. Since it was a 301 redirect, my computer stored it and performed it on any subsequent request, regardless of the browser.
I've got mod_pagespeed installed under apache2/php5-fpm and it's working fine on my domain that isn't using SSL (it's combining css and js no probs), however when I access the SSL version of the same site, it no longer works. I've tried setting the variable:
ModPagespeedFetchHttps enable
But it still is not working. The site is behind basic auth security, would this matter?
I can see in the response headers under the SSL version of the site that mod_pagespeed is there, but it's not working it's magic.
Does accessing resources require authentication? If so, then mod_pagespeed probably is not able to access them (it just does an http fetch for resources to rewrite).
Are the same resources available on http? If so, you're best bet might be MapOriginDomain:
ModPagespeedMapOriginDomain http://www.example.com/ https://www.example.com/
This will fetch all resources with HTTP even when the page is requested with HTTPS. So this would avoid the authentication issue.
See also, https://developers.google.com/speed/pagespeed/module/https_support for more help with various HTTPS issues.
In addition to the above answer, also make sure you have added the directory for the ModPagespeedSslCertFile in your config file.
Check "Configuring SSL Certificates" at
https://developers.google.com/speed/pagespeed/module/https_support