Difference between revisions of "Private Label SSL"
Markkinchin (talk | contribs) |
Markkinchin (talk | contribs) |
||
Line 43: | Line 43: | ||
apt-get install libapache2-mod-evasive | apt-get install libapache2-mod-evasive | ||
− | + | These are appropriate configuration values to enter in evasive.conf | |
+ | |||
DOSHashTableSize 3097 | DOSHashTableSize 3097 | ||
DOSPageCount 2 | DOSPageCount 2 |
Revision as of 10:14, 4 January 2018
This page explains how to setup your own domain name with a SSL certificate
Showing the booking page securely requires using an SSL certificate for the secure https protocol. Beds24.com has a certificate but if you use your own domain with our certificate the browser will show a warning message.
We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.
It is possible to do this yourself on your own server. We cannot provide support for any work on your server. These instructions are for a LAMP server.
You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.
1) Setup a LAMP server for your domain.
2) Purchase an SSL certificate for your domain.
3) Setup apache to serve your domain using https:
For the proxy specify SSLProxyEngine On
4) Setup apache to work as a reverse proxy using one of the following configurations for your Apache Virtual Host.
# We're not an open proxy ProxyRequests off # Proxying is available for anyone <Proxy *> Order deny,allow Allow from all </Proxy> # The site we're proxying ProxyPass / https://admin.beds24.com/ ProxyPassReverse / https://admin.beds24.com/
5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.
6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted
apt-get install libapache2-mod-evasive
These are appropriate configuration values to enter in evasive.conf
DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 10 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10
If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.