-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 10/08/15 a las 10:11, Paolo Amboni escribió: > OK I'm waiting for a free certificate. > > But what i can't understand is why all the site is https not only the admin interface.
I told you, some web2py contributor it was best to do it that way in 2015, and everyone else thought it was a good idea, so the install script was changed so that all http is redirected to https. Specifically, this config tells apache "redirect all http to https": https://github.com/web2py/web2py/blob/master/scripts/setup-web2py-ubuntu.sh <VirtualHost *:80> RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] CustomLog /var/log/apache2/access.log common ErrorLog /var/log/apache2/error.log </VirtualHost> while the one on the manual just configures http: http://web2py.com/books/default/chapter/29/13/deployment-recipes#mod_wsgi |<VirtualHost *:80> ServerName web2py.example.com WSGIDaemonProcess web2py user=www-data group=www-data display-name=%{GROUP} WSGIProcessGroup web2py WSGIScriptAlias / /home/www-data/web2py/wsgihandler.py #This is Apache 2.2.x permission syntax. See Apache docs for 2.4 syntax # http://httpd.apache.org/docs/2.4/upgrading.html#run-time <Directory /home/www-data/web2py> AllowOverride None Order Allow,Deny Deny from all <Files wsgihandler.py> Allow from all </Files> </Directory> AliasMatch ^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*) /users/www-data/web2py/applications/$1/static/$2 <Directory /users/www-data/web2py/applications/*/static/> Order Allow,Deny Allow from all </Directory> <Location /admin> Deny from all </Location> <LocationMatch ^/([^/]+)/appadmin> Deny from all </LocationMatch> CustomLog /private/var/log/apache2/access.log common ErrorLog /private/var/log/apache2/error.log </VirtualHost>| > I will study all the deployment chapter of the book to find some clues and > how to use the new certificate. > Thanks. In the manual, or in the script, it configures a self-signed certificate. You can use the script, or follow the book, but then you must replace the self-signed certificates | SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key | by certificated signed by startssl (only for non-commercial purposes), or gandi.net, or any other "authority". You must follow their particular procedure to generate your server.key file and then get the correct server.crt file. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVyGMLAAoJEATsOw+FDrzILdIP+wfVshYU7F4teHsQZGfhCC5X md2vA3SuNU6LE4Q+kNHaFAoY05ziUywetObgGpw36+qe59I4UePa7F3f9aNqhaQP yFiBmdpNZZmBGUWzHABI9JbSXAjc5be/4ReNUDcAx7MKT7wpTEeXJDlsn62e4Xom M6pXfOrLrtygsXGB0JF0DeJ3QL+EjcXPvTEQBC3x3C3bnKugDtzKfNzbxWmUhdaY ybs5e4rmD1g+b6QG50j/imnnGm4Pqfo+iI9AmcxGfs4bjWp7vup6JV8Lr4W+CsAV sccY0Jy6FDeqhQpdKPWcLe3YRrpY0p6wouzOZHlUfF8FeFPT7F6p9rOxEdw/2yJ6 uHfXG+9vFslM3y5lWfUp2ymp4dm0P31jfAc8eftLV+ZumiLDndO491EgJj8ewz9z +4VMWryEW+uJF1yUjpxikeQlvIMrGz+CEj4Yj/1mB6T4g3NKgtUdyIPP3ptjrWbQ ZMBTYPXhWETiNlf33N/YdSfz/9rzTjw+N1Vn1bc1k2WB9oyBGY7P2A/OqxrOD/G3 Mr/bFWwH0pD2UpvSWI+nUwIDoPtwgCx0SyiyItqBXnKBc5rQKSmdDBd1WSyTLWbG zqesLbifwzfN+zK+x6oAozp2fUWLq4CgcPTOPp9RBPwdPSD7lDHrShzfoyqxYvDy CMRh3KXHYMhdG4H2e3IU =+WTS -----END PGP SIGNATURE----- -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.