GAE App with custom domain - google-app-engine

I recently bought a Namecheap domain and have been trying to hook it up to my GAE website. The GAE URL is domain.appspot.com and it works just fine. I have followed the instructions outlined in https://cloud.google.com/appengine/docs/domain but when I try to visit my custom domain I get an error saying:
The webpage at https://www.domain.com/ might be temporarily down or it may have moved permanently to a new web address.
Error code: ERR_CONNECTION_CLOSED
I have no idea what I'm doing wrong. I have confirmed that domain.com and www.domain.com are both listed as custom domain names in the GAE console, and I've added all the IPs/CNAME stuff as specified. A dig domain.com command confirms that:
;; ANSWER SECTION:
domain.com 1234 IN A 216.239.34.21
domain.com 1234 IN A 216.239.36.21
domain.com 1234 IN A 216.239.32.21
domain.com 1234 IN A 216.239.38.21
I'm wondering if this is a HTTPS issue because trying domain.com in Safari tells me that:
Safari can't open "https://domain.com" because Safari can't establish a secure connection to the server "domain.com".
I don't want to get a cert for HTTPS but I don't see any way around the problem? How can I successfully use a custom domain with my GAE app?

The problem was in my app.yaml file. I had set secure: always which was forcing https, but I didn't have a cert. Now I changed it to secure: never to require http, and it should work fine.

Related

Is there correct way to set Ngrok file to skip browser warning page

Here is sample of Ngrok file which I'm using within tunnel:
authtoken: somevalue
version: "2"
tunnels:
sometunellName
proto: http
addr: 5555
schemes:
- http
- https
host_header: rewrite
request_header:
add:
- "ngrok-skip-browser-warning:true"
log_level: debug
log_format: json
log: ngrok.log
Several common headers didn't give any new result.
The "ngrok-skip-browser-warning:true" header has to be added in the browser as the ngrok cloud side of things has to see it to skip the browser warning. With your config, you've added it in the ngrok cloud so only your app is seeing it.
~ an ngrok employee

Nginx is redirecting subdomain to main domain

I have two domains,
zerp.io (ssl installed)
app.zerp.io (only http)
in zerp.io (main domain) a wordpress website is hosted and is working fine. I am trying to deploy a React app on app.zerp.io using nginx. I deleted the default file and created new file app.zerp.io at /etc/nginx/sites-available/ I also created same file at /etc/nginx/sites-enabled/ and created a symlink between them. I checked the DNS entry, app.zerp.io and www.app.zerp.io is pointing to the public Ip of the correct server where React App resides.
Here's my /etc/nginx/sites-available/app.zerp.io file
server {
listen 80;
index index.html index.htm index.nginx-debian.html;
server_name www.app.zerp.io app.zerp.io;
location / {
proxy_pass localhost:3000;
proxy_ser_header host $host;
}
}
The problem is, whenever I try to reach http://app.zerp.io through web browser it redirects me to https://zerp.io. Here's what I did so far,
I checked DNS using an online tool, its correctly pointing to the server
I did not use any 301 redirects in the configuration file as you can see above
when I try curl app.zerp.io from the production server (in Germany), sometimes it gives 200 with correct response and sometimes it gives 301 (moved permanently) crazy isn't it
When I try curl app.zerp.io from my local computer it always give me 301 although I do not have any 301 in my nginx config file
I thought, may be its a cache issue on my chrome, to my surprise no, I cleared the cache and hard reload, I even tried incognito mode with no success, it always redirect me to https://zerp.io
When I try curl app.zerp.io from my local computer using a VPS it correctly opens the website app.zerp.io.
I do not have any ssl certificate so there are not redirects from http to https in http://app.zerp.io
Its been two days, Its making me crazy, I am assuming it has something to do with DNS resolution. Can some please help me out

Apache2 conf file redirecting requests for other enabled sites

I'm running apache2 on ubuntu 16.04. I've configured apache2 to run multiple sites. One of the sites has https setup and to help support this I've added the following rule to redirect http requests to use https:
<VirtualHost *:80>
ServerName http://example.com
Redirect permanent / https://example.com/
</VirtualHost>
This has been too much of a blanket rule as it's redirecting other site's https requests to the domain above.
How can I re-configure the conf above to only redirect http requests for example.com and not the other sites on the same server?
The first listed virtualhost for each host:port acts as the default, catching all unmatched ServerNames. Make sure you don't define your special-case first.
See apachectl -S output for a summary of where your vhosts are loaded from and which one is the default.

Laravel 5.2 - Getting 500 error when connecting with CSRF disabled

I am having an issue where I'm getting a 500 internal error when connecting to my Laravel API.
I had my site originally on GoDaddy using example.com as the main site and api.example.com as the api, but then decided to move it to Google Cloud Platform. I went ahead and set up an instance in the Google Compute Engine using Debian 8. I am using ISPConfig 3 to do all my server stuff. I have my site and my api in two separate repos on Github. I went my server directory to /var/www/example.com/web and cloned my main site into it. Since this create a folder within the root directory of my site, I also went into the vhost and set the default directory to point to the new cloned directory.
I then created another site with ISPConfig for my api and went into the DNS and created a A record and pointed it to the same IP as my main site. I then went into /var/www/api.example.com/web and cloned my api's repo into it, just like my main site. I went into the vhost for my api and pointed the default directory to my new cloned directory.
I can go to example.com just fine, but when I try to log in (this is the first point an api call is made), I get a 500 internal error.
I'm not using CORS and I never have because I use my own JSON web tokens, therefore my CORS is turned off.
Any ideas on how to fix the 500 error?
EDIT
Formatting
Edit 2
These are the last two lines in the error log for apache:
[Sat Sep 24 21:17:17.095798 2016] [core:crit] [pid 17588] (13)Permission denied: AH00529: /var/www/api.example.com/web/api/public/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
[Sat Sep 24 21:17:17.095875 2016] [authz_core:error] [pid 17588] AH01630: client denied by server configuration: /var/www/api.example.com/web/error/403.html, referer: http://example.com/login
I'm not sure why it's throwing this .htaccess error. It's the .htaccess that Laravel automatically created.
Errors says what is your problem: Permission denied: AH00529: /var/www/api.example.com/web/api/public/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Make htaccess readable using chmod command:
chmod 644 /var/www/api.example.com/web/api/public/.htaccess
Also check this answers if this not help

GAE dev_appserver.py over HTTPS

Has anyone cracked how to get HTTPS working on the dev_appserver.py? I need it for Facebook canvas app testing. I've had a search of the docs and nothing suggests there's a way to do it (sticking 'secure' in the app.yaml doesn't nothing locally).
I was think there may be a way to proxy it, but has anyone got any experience of this?
The dev_appserver doesn't support HTTPS. The only practical way to do this is to set up a reverse proxy in front of your app - such as with nginx or Apache - and have it proxy SSL traffic to your app.
I know this is late, in case anybody else finds this question:
ngrok is quiet easy to setup for a custom reverse HTTPS proxy..
The only downside is that my webapp2 application still believes it's being served over HTTP, so using redirect() doesn't work well because it resolves relative URLs to absolute URLs using request.url.
My workaround was to overwrite RequestHandler.redirect as follows:
class BaseRequestHandler(RequestHandler):
def redirect(self, uri, permanent = False, abort = False, code = None, body = None):
if uri.startswith(('.', '/')):
base_url = self.request.url
if base_url.startswith('http://'):
base_url = 'https://' + base_url[7:]
uri = str(urlparse.urljoin(base_url, uri))
super(RequestHandler, self).redirect(uri, permanent, abort, code, body)
I needed a BaseRequestHandler class anyways for implementing other utility functions.
I put this in my Appache httpd.conf to proxy the connection:
<Location /myproject/>
ProxyPass http://localhost:8080/
</Location>
Now going to https://localhost/myproject/ in my browser worked.
Note: SSL needs to be enabled on your Apache server. On my OS X machine I uncommented out the line Include /private/etc/apache2/extra/httpd-ssl.conf in /etc/apache2/httpd.conf and ran sudo apachectl restart

Resources