TurnKey Linux Virtual Appliance Library

Setting up redmine under https

DrH's picture

I thought it might be useful to document how I secure the redmine appliance. I find this useful for private setups.

It was a little messier than I thought becase for some reason in the 11.3 version the apache port 80 and 443 configs point to the same file. Sometimes I want secure only access, sometimes both. It would be nice to have these separated, as that makes it easier to redirect the secure traffic.

1. copy /etc/apache2/conf/railsapp.conf to /etc/apache2/conf/railsapp_80.conf

2. Edit /etc/apache2/sites-available/railsapp, change the virtualhost *:80 include from
  /etc/apache2/conf/railsapp.conf
to
  /etc/apache2/conf/railsapp_80.conf

This makes it nice in webmin, as it will now distinguish the virtual servers. You can make the changes in /etc/apache2/sites-available/railsapp.

If you want redmine to be secure only,

3. edit /etc/apache2/conf/railsapp-80.conf

After the line
  RewriteEngine on
Add

  # force http to https
  RewriteCond %{SERVER_PORT} !^443$
  RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]

save the file and restart apache.

I've used this on a number of private setups, and it works.

Thank you TurnkeyLinux - I really like your appliance model.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)