I have a reactjs frontend server and a backend ruby on rails server. Both of them are hosted on Heroku.
My domain name is on GoDaddy and i am paying a version on Heroku (for my frontend server) to have a ssl (Automated Certificate Management (ACM)).
I can access my domain name on the https protocol but also on the http protocol
I would like to redirect all connections to the website from http to https.
I tried multiple things:
Cloudflare but that didn't work out
https_only in my static.json of my reactjs server
force_ssl=true on my ruby on rails server
Nothing is working.
What are your advice to solve that kind of problems ? I don't know if i should solve that in the reactjs server (no info about that on google) or on godaddy (apparently that is not working with heroku) or on the rails server (i don't think so because it's the backend server)...
I am looking forward to have a better understanding of the DNS thing but it is not easy, have you some tutorial to share with me ?
Thanks in advance
I just use the "Always use HTTPS"-Feature from Cloudflare for that.
Related
I have an elastic beanstalk instance in which I have deployed my spring-boot application. By default elastic beanstalk gives you a URL for your environment over http.
While this works fine this has led to a lot of problems for me. I have the frontend (my react application) deployed on Vercel. I want my frontend app to get data from my elastic beanstalk app. Problem is the url is in http. On the console I get an error like this
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure resource ''. This request has been blocked; the content must be served over HTTPS.
which renders the app useless basically.
After hours of google I found out that I have to request the data over https because my vercel app is over https*(I might be very wrong here)* I've tried some solutions to get my elastic beanstalk app to serve the data on https to no avail.
Here is what I've tried
I created a self signed ssl certificate using openssl and uploaded
it to AWS via the AWS cli. I then went to my applications load
balancer settings and added the ssl certificate . (This did not
work, I cried)
I used keytool to create yet another ssl certificate and added it to my
resources folder and the corresponding settings in the
application.settings file. I repackaged the jar file and redeployed
it to AWS.(Still didn't work. Didn't cry this time though. I was
out of tears)
Question How do I serve the data from my spring-boot app to my Vercel react app over https? Or any other method. Just anything that will work.
If one thing is clear from all that long nonsense I've told you up there is I don't know wtf I'm doing. Just following a bunch of tutorials which for all I know keep destroying my app and your time even more.
Now my app is broken and now I cant even load the static assets on the elastic beanstalk URL because I'm getting another error
400 Bad Request
The plain HTTP request was sent to HTTPS port
I know that question is really long and maybe even wrong. Please help
So once you have the SSL certificate ready this what you need to do in the AWS Elastic beanstalk to serve your application for https
Add a new listener to for port: 443 and select HTTPS
After this incase you are facing any certificate error while browsing the page, ensure that the URL mentioned in the certificate is matching the URL in browser
I'm working with a startup to build an app. I've been studying CS for 2 years, so I'm new to lots of things. For our app we have a ReactJS front-end, Express back-end, and MySQL database. Currently it's deployed on AWS Elastic Beanstalk in a NodeJS environment. I configured it to run react-scripts build after it's been deployed. It's serving the static React-generated files through the Express server (bad idea, I know). This has worked for a while, but now the instance is running out of memory when trying to build.
I've been looking into Docker as a better solution (I've never used Docker before this week), and now I have a local development setup with 3 containers: a MySQL container, a Node container running the backend, and an Alpine container just running react-scripts start. The front-end is using a proxy to connect to the backend. This is all working fine locally (except that my backend container can't connect to the Internet so an external API is broken), but I have no idea how to deploy this correctly to AWS.
With Elastic Beanstalk is there a way for me to build and deploy a single Docker container with the pre-built React front-end, configure Nginx to serve those static files, and then pass all /api requests to the Express server? I'm using RDS for the database, so I don't feel like I need to deploy another container for MySQL.
I don't expect you guys to solve my problem, but I'd appreciate being pointed in the right direction. Maybe I'm going about this completely the wrong way.
React App:
I suggest you deploy your react application on AWS Amplify. you can find resources on how to deploy on the internet very easily.
MySQL
You can host your MySQL database on an EC2 instance or use any other hosted service for the database.
Express App
Now you can host your express app on EBS using the docker platform. You can also get the resources for this on the internet.
===========================================================================
Now add your express app endpoint in AWS Amplify's environment to use it with react app.
Add MySQL URL to EBS's environment to use it with Express App.
Note: AWS amplify serves your app on HTTPS so you have to enable SSL on EBS also. You can do it with the AWS certificate manager by
getting an SSL certificate and attaching it to the EBS.
It will be easy if the domain is handled by Route53 but again you can also achieve this with any domain service provider.
It is recommended that you should migrate your domain to Route 53, as you will get more control and also many other benefits.
Refer this answer: https://stackoverflow.com/a/38225802/9323655
Hope my answer will guide you in the right direction.
I'm running a react app frontend on Netlify which should ideally send commands to an elastic beanstalk backend in form of POST calls. Netlify is bound to my own purchased domain (myname.com) and the beanstalk is running the default address (XXXXXX.elasticbeanstalk.com).
Now the problem is Netlify won't allow sending POST calls to an unsecured (HTTP) endpoint, and requires the endpoint be https://XXXXX.elasticbeanstalk.com. I have pretty limited knowledge on how HTTPS actually works, so anything below this is me fumbling around in the dark and may be quite incorrect.
I tried several methods of enabling HTTPS on the beanstalk
Create a self signed request on beanstalk and upload the cert to netlify (apparently they do not allow it)
Create a CSR on beanstalk and sign it from let's encrypt (not working because I think beanstalk domain is not owned by me)
Use Amazon certificate service (certificate got created but netlify still says it's a self signed certificate, and cannot allow the connection)
Anyone know how to either
Allow netlify to call my HTTP endpoint or
Make the beanstalk endpoint HTTPS or
Suggest a different place to host my react frontend app that doesn't involve this HTTPS mess
Note: At this point, I'm not really worried about the security, and even an unsecure platform would work for now.
Thanks
Finally managed to solve it using CORS-anywhere proxy, by adding the endpoint as https://cors-everywhere.herokuapp.com/http://xxxx.elasticbeanstalk.com/my-endpoint
I am looking for a web host for my frontend react project. I am 100% absolutely required to enforce http and NOT HTTPS, all the web hosts ive tried enforce https.
What do i need to also implement in my code to use http?
Thank you.
I have a phonegap app that uses jquery to post to a remote server, running on Google App Engine.
What's the best way to ensure that only my phonegap app can post to this remote server? I've been scouring the web for an answer but can't find anything concrete.
Normally I believe you'd check the referrer to ensure that the request is coming from a whitelisted domain but in this scenario there is no domain because it's a phonegap app.
This question is similar but it's gone unanswered:
Security issues with phonegap remote server access
You can't. Any request that your app can make - including whatever authentication credentials you care to embed in the app - can be generated by a third-party. The most you can do is obfuscate, by embedding secrets in your app, but a clever user can extract these.
A better option would be to authenticate the user, rather than the application.