Difference between revisions of "Private Label SSL"

From Beds24 Wiki
Jump to navigation Jump to search
Line 38: Line 38:
  
 
5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.
 
5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.
 +
 +
6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted
 +
 +
apt-get install libapache2-mod-evasive
 +
 +
#these are apropriate configuration values for evasive.conf
 +
DOSHashTableSize 3097
 +
DOSPageCount 2
 +
DOSSiteCount 10
 +
DOSPageInterval 1
 +
DOSSiteInterval 1
 +
DOSBlockingPeriod 10
 +
  
  
  
 
  If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.
 
  If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.

Revision as of 10:13, 4 January 2018

This page explains how to setup your own domain name with a SSL certificate

Showing the booking page securely requires using an SSL certificate for the secure https protocol. Beds24.com has a certificate but if you use your own domain with our certificate the browser will show a warning message.

We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.

It is possible to do this yourself on your own server. We cannot provide support for any work on your server. These instructions are for a LAMP server.

You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.

1) Setup a LAMP server for your domain.

2) Purchase an SSL certificate for your domain.

3) Setup apache to serve your domain using https:

For the proxy specify SSLProxyEngine On


4) Setup apache to work as a reverse proxy using one of the following configurations for your Apache Virtual Host.


 # We're not an open proxy
 ProxyRequests off
 # Proxying is available for anyone
 <Proxy *>
   Order deny,allow
   Allow from all
 </Proxy>
 # The site we're proxying 
 ProxyPass / https://admin.beds24.com/
 ProxyPassReverse / https://admin.beds24.com/


5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.

6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted

apt-get install libapache2-mod-evasive
#these are apropriate configuration values for evasive.conf
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 10
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10



If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.