Difference between revisions of "Private Label SSL"

From Beds24 Wiki
Jump to navigation Jump to search
m (1版 をインポートしました)
Beds24>Markkinchin
Line 1: Line 1:
 
[[Category:How to]]
 
[[Category:How to]]
 
[[Category:Booking_Page]]
 
[[Category:Booking_Page]]
 +
<div class="heading">SSL</div>
 
  This page explains how to setup your own domain name with a SSL certificate
 
  This page explains how to setup your own domain name with a SSL certificate
 
Showing the booking page securely requires using an SSL certificate for the secure https protocol.
 
Showing the booking page securely requires using an SSL certificate for the secure https protocol.
Beds24.com has a certificate but if you use your own domain with our certificate the browser will show a warning message becasue the certificate must match your domain name.
+
Beds24 has a certificate but if you use your own domain with our certificate the browser will show a warning message becasue the certificate must match your domain name.
  
== Set SSL up yourself ==
 
  
 
Experienced network administrators can set the SSL up themselves using one of the options below:
 
Experienced network administrators can set the SSL up themselves using one of the options below:
  
=== Using Cloudflare for SSL to open your control panel login ===
+
= Option 1: Using Cloudflare for SSL to open your control panel login=  
 +
 
 
This has been tested and works on the cloudflare.com free plan.
 
This has been tested and works on the cloudflare.com free plan.
  
Line 18: Line 19:
 
3) Setup your DNS at Cloudflare for all existing services at your domain and sub domains. Cloudflare will attempt to do this automatically.
 
3) Setup your DNS at Cloudflare for all existing services at your domain and sub domains. Cloudflare will attempt to do this automatically.
  
4) Add a CNAME record at Cloudflare for your private label domain or sub domain pointing to '''admin.beds24.com'''
+
4) Add a CNAME record at Cloudflare for your private label domain or sub domain pointing to '''admin.beds24.com''' with proxy status = '''Proxied'''
  
5) Go to the Crypto menu in Cloudflare and change "SSL" =FULL.
+
5) Go to the Crypto menu in Cloudflare and change "SSL" = '''Full'''.
  
6) Wait 24 hours and your domain should open with https://
+
6) Go to CloudFlare -> SSL Tab -> Edge Certificates -> At Bottom page -> Enable Universal SSL
  
7) Once https:// is working, go to the Crypto menu in Cloudflare and set "Always use HTTPS" = ON
+
7) Wait up to 24 hours and your domain should open with https://
  
=== Using Cloudflare for SSL to open your booking page ===
+
8) Once https:// is working, go to the Crypto menu in Cloudflare and set "Always use HTTPS" = ON
 +
 
 +
= Option 2: Using Cloudflare for SSL to open your booking page=  
  
 
1) Follow all the steps above in "Using Cloudflare for SSL to open your control panel login"
 
1) Follow all the steps above in "Using Cloudflare for SSL to open your control panel login"
Line 40: Line 43:
 
  for example https://my.private.domain.com/booking.php?propid=12345
 
  for example https://my.private.domain.com/booking.php?propid=12345
  
=== Installing your own reverse proxy server ===
+
= Option 3: Installing your own reverse proxy server=  
 +
 
 
It is possible to do this yourself on your own server.
 
It is possible to do this yourself on your own server.
 
We cannot provide support for any work on your server.
 
We cannot provide support for any work on your server.
 
These instructions are for a LAMP server.
 
These instructions are for a LAMP server.
  
  You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.
+
<span style="color:#fe746c;“ >{{#fas:exclamation-triangle}} </span> You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.
  
 
1) Setup a LAMP server for your domain.
 
1) Setup a LAMP server for your domain.
Line 87: Line 91:
  
  
  If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.
+
<span style="color:#fe746c;“ >{{#fas:exclamation-triangle}} </span> If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.
  
== Fully managed secure proxy from Beds24 ==
+
= Option 4: Fully managed secure proxy from Beds24=  
 
We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.  
 
We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.  
  
 
Contact support for information about the charge.
 
Contact support for information about the charge.

Revision as of 19:51, 2 September 2020

SSL
This page explains how to setup your own domain name with a SSL certificate

Showing the booking page securely requires using an SSL certificate for the secure https protocol. Beds24 has a certificate but if you use your own domain with our certificate the browser will show a warning message becasue the certificate must match your domain name.


Experienced network administrators can set the SSL up themselves using one of the options below:

Option 1: Using Cloudflare for SSL to open your control panel login

This has been tested and works on the cloudflare.com free plan.

1) Create an account for your domain at Cloudflare.

2) Move your nameservers from your current host to Cloudflare.

3) Setup your DNS at Cloudflare for all existing services at your domain and sub domains. Cloudflare will attempt to do this automatically.

4) Add a CNAME record at Cloudflare for your private label domain or sub domain pointing to admin.beds24.com with proxy status = Proxied

5) Go to the Crypto menu in Cloudflare and change "SSL" = Full.

6) Go to CloudFlare -> SSL Tab -> Edge Certificates -> At Bottom page -> Enable Universal SSL

7) Wait up to 24 hours and your domain should open with https://

8) Once https:// is working, go to the Crypto menu in Cloudflare and set "Always use HTTPS" = ON

Option 2: Using Cloudflare for SSL to open your booking page

1) Follow all the steps above in "Using Cloudflare for SSL to open your control panel login"

2) Go to the menu "Page Rules in Cloudflare

3) Add a new rule and for "If the URL matches" enter your private label domain.

4) Add the rule type "Forwarding Url" with "Permanent 301" type

5) For the forwarding domain, enter your private label domain and add booking.php?propid=12345 where 12345 is the property you want to open. You can open all properties with booking.php?ownerid=1234 where 1234 is your Beds24 owner id number.

for example https://my.private.domain.com/booking.php?propid=12345

Option 3: Installing your own reverse proxy server

It is possible to do this yourself on your own server. We cannot provide support for any work on your server. These instructions are for a LAMP server.

{{#fas:exclamation-triangle}} You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.

1) Setup a LAMP server for your domain.

2) Purchase an SSL certificate for your domain.

3) Setup apache to serve your domain using https:

For the proxy specify SSLProxyEngine On


4) Setup apache to work as a reverse proxy using one of the following configurations for your Apache Virtual Host.


 # We're not an open proxy
 ProxyRequests off
 # Proxying is available for anyone
 <Proxy *>
   Order deny,allow
   Allow from all
 </Proxy>
 # The site we're proxying 
 ProxyPass / https://admin.beds24.com/
 ProxyPassReverse / https://admin.beds24.com/


5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.

6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted

apt-get install libapache2-mod-evasive

These are appropriate configuration values to enter in evasive.conf

DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 10
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10


{{#fas:exclamation-triangle}} If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.

Option 4: Fully managed secure proxy from Beds24

We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.

Contact support for information about the charge.