I've got a NAS (Synology) which hosts soem of my work.
There is a mariadb database, a web server (nginx) and Docker for hosting my personal python API.
Here is a graphical view:
As you can see, I also made a front (Vue JS) web page which uses the python API.
I want to secure all of that with HTTPS.
I successfully add a Let's Encrypt (LE) certificate and the web client use it with no problem.
But the python API is served only over HTTP, on the web client gives this error:
Mixed Content: The page at 'https://mydomain.fr/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://mydomain:12345/myroute'. This request has been blocked; the content must be served over HTTPS.
And I understand it.
So I want my python API to use HTTPS.
I use a gunicorn server, and I tried several things:
Add ssl_context:
app.run(host='0.0.0.0', ssl_context='adhoc')
Add some files given by LE (I don't understand what I do):
CMD ["gunicorn", "--certfile=certificat.pem", "--keyfile=cleprivee.key", "--ca_certs=ca.cer", "-b", "0.0.0.0:5000", "feed:app"]
But I only got "Time out" with thoses tests.
Do I have to use the same certificate as the web server for the api?
How do i "give" it to the api?
Related
I created an aplication but Its is not linked to my domain
exp: "site.com", "www.site.com", when I access it I get:
I need to make my ElasticBeanstalk application connect to my domain (jamelaumn.com) im the owner
here's my application loadbalancer prints:
currently I have no rules on EB LB
My EC2 LoadBalancer::
Based on the comments and your updates. I see two issues.
SSL certificate is setup for jamelaumn.com. This will not work. It must be setup for *.jamelaumn.com or api.jamelaumn.com. So you have to make new SSL certificate and add it to your ALB.
You have to redirect port 80 (http) to 443 (https) on your load balancer. The process is described in How can I redirect HTTP requests to HTTPS using an Application Load Balancer?
I just published a Python / Flask serverless website (no .htaccess), and I am trying to redirect all non-www to www.
I use NameCheap as my DNS registrar, and AWS API Gateway to serve the website. My main record for the website is:
CNAME: www -> abc012def3456.cloudfront.net
This CNAME works perfectly; I can access my website at https://www.example.com or http://www.example.com (which redirects to the https version).
To redirect the non-www to www, I added:
URL Redirect Record (301): # -> https://www.example.com
The thing is, http://example.com successfully redirects me to https://www.example.com, but https://example.com does not. Instead, it just does not respond.
What am I doing wrong? Are there any other recommended ways to redirect both http://example.com and https://example.com to https://www.example.com?
You can use elastic loadbalancers in AWS to redirect traffic from http to https. Below is a link to the docs
https://aws.amazon.com/premiumsupport/knowledge-center/elb-redirect-http-to-https-using-alb/
The basics are:
Create an https listener that redirects traffic to your flask server(s) on the port they are listening to
Create an http listener that redirects traffic to your https listener.
Happy Encrypting!
you can use python3-certbot to automate such stuffs
because certbot is an https installer or automatic https for the website/server manually
instead of editing it from a .htaccess file
https://pypi.org/project/certbot/
I have deployed my own apprtc server with collider & turn server configured in Google App engine locally with virtualbox. Everything is working properly but I want to use this apprtc server in my another project that is in anoter IP. So, Apprtc IP and my project IP is different. Now, when I included apprtc.debug.js & appwindow.js files to my project it cannot initialize loadingParams and says this error message "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://<IP OF APPRTC>:8080/params. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)".
However, entering http://<IP OF APPRTC>:8080/params in the browser gives me correct response but not in the project called in appwindow.js .After a bit of googling I added below lines in sendUrlRequest function :
xhr.setRequestHeader('Access-Control-Allow-Origin', '*');
xhr.setRequestHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
Now it says "CORS request did not succeed".
How can I make it work? Do I have to enable cors in server side also, if so where and how to do that? Please help me, I'm totally lost here...
I'm using pythonanywhere server and i want to use stanfordcorenlp server "http://corenlp.run:80" in my code but i get "<Response [401]>"
Don't hit corenlp.run with API calls! This is a server set up for demos, and is not provisioned for a large number of requests. It's giving you a 401 Unauthorized because you are unauthorized to make API requests against the public demo server.
You should instead run your own instance of the CoreNLP Server and make API requests against that instead.
I am trying to develop login with vk.com feature for our website. And testing it locally. In app I have given
http://127.0.0.1/
as base domain. In website during authorization it is requesting url:
https://oauth.vk.com/authorize?client_id=XXXX&redirect_uri=http://127.0.0.1/vk/login/check/&state=trackid=XXXX..
In callback url, I am calling
https://oauth.vk.com/access_token?client_id=XXXX&client_secret=YYYY&redirect_uri=redirect_uri=http://127.0.0.1/vk/login/check/aaa/bbbb&code=
But its not loading VK website for logging in. It shows error
{"error":"invalid_request","error_description":"redirect_uri has wrong
domain, check application settings"}.
Dont know whats wrong. Any help?
Earlier when testing to request code and accesstoken manually, I had given domain in app as https://www.example.com and used https://www.example.com as redirect url when requesting code and access token. At that time it had worked.
Now how can I test it when our website is running locally? Please help
You should open your 8000 port and put to "redirect_uri" your ip. But it's not exactly work, because u should have your own host
go to your app setting in VK set your redirect-uri http://127.0.0.1:5000/anything (port is important/use Port that you are using according to server hosting service). then try it.