Sqlite based HTTP authentication for nginx

I have written a small module to nginx which adds Sqlite support to HTTP authentication.

The module is pushed on Github.

The module works with nginx version 0.8.x. I had last tested it with version 0.8.4.

Anyone using nginx version 1.0, please try it out and let me know whether it works or not.

HowTo: Forcing traffic to https

Here I consider two cases for forcing all the traffic to https and I assume you are using Apache Webserver.

Case A) Without LoadBalancer
Suppose you are running a site without a load balancer. Add these lines to your Apache configuration file:

RewriteEngine On

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Suppose you have Virtualhost entries for Http (port 80) and Https (port 443) then add this to VirtualHost entry of Http.

Case B) With LoadBalancer
Consider a scenario where you have a Loadbalancer and the communication between loadbalancer and server takes place like this:
1. When a request comes on port 80 of the loadbalancer it communicates with server on port 80 (i.e. LB Port 80 ==> Server Port 80)
2. And when a request comes on port 443 of the loadbalancer it communicates with server on port 80 (i.e. LB Port 443 ==> Server Port 80)

Here servers are always working on port 80.

If you are using Apache as a LoadBalancer you need to add this to the VirtualHost entry of https:

RequestHeader set X-Forwarded-Proto "https"

On the server add this to the VirtualHost entry of http:

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

This will forward all the incoming requests on http to https.

This also works with Amazon’s Elastic Load Balancer as it has a support for X-Forwarded-Proto and X-Forwarded-Port.

HowTo: ReverseProxy to https in Apache

To enable reverse proxy (for http and https) you need these modules enabled in Apache:

• mod_proxy
• mod_proxy_http
• mod_proxy_connect

When you reverse proxy requests to http, add following lines to Apache configuration file:

ProxyPass /abc http://test.com/xyz
ProxyPassReverse http://test.com/xyz /abc

This is proxy all the content on /abc to http://test.com/xyz. So when you access /abc you will see the contents of http://test.com/xyz.

But to reverse proxy https content you need a CA certificate. The CA certificate is the same certificate that the server uses to serve https content.
You need to add these lines in Apache configuration file:

SSLProxyEngine On
SSLProxyCACertificateFile ssl/certificate.pem
ProxyPass /abc https://test.com/xyz
ProxyPassReverse https://test.com/xyz /abc

For more details: http://www.apachetutor.org/admin/reverseproxies

flock browser

This is the test post from Flock Browser.
Flock is great.

Blogged with the Flock Browser