Difference between revisions of "Private Label SSL"
Markkinchin (talk | contribs) |
Markkinchin (talk | contribs) |
||
(17 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
[[Category:How to]] | [[Category:How to]] | ||
[[Category:Booking_Page]] | [[Category:Booking_Page]] | ||
+ | <div class="heading">SSL</div> | ||
This page explains how to setup your own domain name with a SSL certificate | This page explains how to setup your own domain name with a SSL certificate | ||
Showing the booking page securely requires using an SSL certificate for the secure https protocol. | Showing the booking page securely requires using an SSL certificate for the secure https protocol. | ||
− | Beds24 | + | Beds24 has a certificate but if you use your own domain with our certificate the browser will show a warning message becasue the certificate must match your domain name. |
− | + | ||
+ | Experienced network administrators can set the SSL up themselves using one of the options below: | ||
+ | |||
+ | = Option 1: Using Cloudflare for SSL to open your control panel login= | ||
+ | |||
+ | This has been tested and works on the cloudflare.com free plan. | ||
+ | |||
+ | 1) Create an account for your domain at Cloudflare. | ||
+ | |||
+ | 2) Move your nameservers from your current host to Cloudflare. | ||
+ | |||
+ | 3) Setup your DNS at Cloudflare for all existing services at your domain and sub domains. Cloudflare will attempt to do this automatically. | ||
+ | |||
+ | 4) Add a CNAME record at Cloudflare for your private label domain or sub domain pointing to '''admin.beds24.com''' with proxy status = '''Proxied''' | ||
+ | |||
+ | 5) Go to the Crypto menu in Cloudflare and change "SSL" = '''Full'''. | ||
+ | |||
+ | 6) Go to CloudFlare -> SSL Tab -> Edge Certificates -> At Bottom page -> Enable Universal SSL | ||
+ | |||
+ | 7) Wait up to 24 hours and your domain should open with https:// | ||
+ | |||
+ | 8) Once https:// is working, go to the Crypto menu in Cloudflare and set "Always use HTTPS" = ON | ||
+ | |||
+ | = Option 2: Using Cloudflare for SSL to open your booking page= | ||
+ | |||
+ | 1) Follow all the steps above in "Using Cloudflare for SSL to open your control panel login" | ||
+ | |||
+ | 2) Go to the menu "Page Rules in Cloudflare | ||
+ | |||
+ | 3) Add a new rule and for "If the URL matches" enter your private label domain. | ||
+ | |||
+ | 4) Add the rule type "Forwarding Url" with "Permanent 301" type | ||
+ | |||
+ | 5) For the forwarding domain, enter your private label domain and add '''booking.php?propid=12345''' where 12345 is the property you want to open. You can open all properties with '''booking.php?ownerid=1234''' where 1234 is your Beds24 owner id number. | ||
+ | |||
+ | for example https://my.private.domain.com/booking.php?propid=12345 | ||
+ | |||
+ | = Option 3: Installing your own reverse proxy server= | ||
It is possible to do this yourself on your own server. | It is possible to do this yourself on your own server. | ||
Line 11: | Line 49: | ||
These instructions are for a LAMP server. | These instructions are for a LAMP server. | ||
− | You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate. | + | <span style="color:#fe746c;“ >{{#fas:exclamation-triangle}} </span> You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate. |
1) Setup a LAMP server for your domain. | 1) Setup a LAMP server for your domain. | ||
Line 38: | Line 76: | ||
5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it. | 5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it. | ||
+ | |||
+ | 6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted | ||
+ | |||
+ | apt-get install libapache2-mod-evasive | ||
+ | |||
+ | These are appropriate configuration values to enter in evasive.conf | ||
+ | |||
+ | DOSHashTableSize 3097 | ||
+ | DOSPageCount 2 | ||
+ | DOSSiteCount 10 | ||
+ | DOSPageInterval 1 | ||
+ | DOSSiteInterval 1 | ||
+ | DOSBlockingPeriod 10 | ||
+ | |||
+ | |||
+ | <span style="color:#fe746c;“ >{{#fas:exclamation-triangle}} </span> If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name. | ||
+ | |||
+ | = Option 4: Fully managed secure proxy from Beds24= | ||
+ | We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee. | ||
+ | |||
+ | Contact support for information about the charge. |
Latest revision as of 20:51, 2 September 2020
This page explains how to setup your own domain name with a SSL certificate
Showing the booking page securely requires using an SSL certificate for the secure https protocol. Beds24 has a certificate but if you use your own domain with our certificate the browser will show a warning message becasue the certificate must match your domain name.
Experienced network administrators can set the SSL up themselves using one of the options below:
Contents
1 Option 1: Using Cloudflare for SSL to open your control panel login
This has been tested and works on the cloudflare.com free plan.
1) Create an account for your domain at Cloudflare.
2) Move your nameservers from your current host to Cloudflare.
3) Setup your DNS at Cloudflare for all existing services at your domain and sub domains. Cloudflare will attempt to do this automatically.
4) Add a CNAME record at Cloudflare for your private label domain or sub domain pointing to admin.beds24.com with proxy status = Proxied
5) Go to the Crypto menu in Cloudflare and change "SSL" = Full.
6) Go to CloudFlare -> SSL Tab -> Edge Certificates -> At Bottom page -> Enable Universal SSL
7) Wait up to 24 hours and your domain should open with https://
8) Once https:// is working, go to the Crypto menu in Cloudflare and set "Always use HTTPS" = ON
2 Option 2: Using Cloudflare for SSL to open your booking page
1) Follow all the steps above in "Using Cloudflare for SSL to open your control panel login"
2) Go to the menu "Page Rules in Cloudflare
3) Add a new rule and for "If the URL matches" enter your private label domain.
4) Add the rule type "Forwarding Url" with "Permanent 301" type
5) For the forwarding domain, enter your private label domain and add booking.php?propid=12345 where 12345 is the property you want to open. You can open all properties with booking.php?ownerid=1234 where 1234 is your Beds24 owner id number.
for example https://my.private.domain.com/booking.php?propid=12345
3 Option 3: Installing your own reverse proxy server
It is possible to do this yourself on your own server. We cannot provide support for any work on your server. These instructions are for a LAMP server.
You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.
1) Setup a LAMP server for your domain.
2) Purchase an SSL certificate for your domain.
3) Setup apache to serve your domain using https:
For the proxy specify SSLProxyEngine On
4) Setup apache to work as a reverse proxy using one of the following configurations for your Apache Virtual Host.
# We're not an open proxy ProxyRequests off # Proxying is available for anyone <Proxy *> Order deny,allow Allow from all </Proxy> # The site we're proxying ProxyPass / https://admin.beds24.com/ ProxyPassReverse / https://admin.beds24.com/
5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.
6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted
apt-get install libapache2-mod-evasive
These are appropriate configuration values to enter in evasive.conf
DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 10 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10
If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.
4 Option 4: Fully managed secure proxy from Beds24
We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.
Contact support for information about the charge.