[Ruby on Rails] Setting for Always Using HTTPS Connection: config.force_ssl = true
I’ll introduce how to configure Ruby on Rails to always use HTTPS/SSL connections.
There are files for each environment name under the config/environments directory, so edit the file for the environment where you want to enable SSL.
ls -l config/environments
total 24
-rw-r--r-- 1 username staff 1.9K 8 19 10:45 development.rb
-rw-r--r-- 1 username staff 3.8K 8 30 00:26 production.rb
-rw-r--r-- 1 username staff 1.7K 8 19 10:45 test.rb
This time we’ll proceed with the following requirements:
Simply uncomment config.force_ssl = true in config/environments/production.rb as follows to complete the always-on SSL configuration.
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 21e3919..7619814 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -49,7 +49,7 @@ Rails.application.configure do
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
- # config.force_ssl = true
+ config.force_ssl = true
That’s all from the Gemba where we wanted to always use HTTPS/SSL connections in Ruby on Rails.