How to prevent Rails 6 from blocking my AWS EC2 instances?

Asked 10/9, 2019 at 22:1 Answered 5/2 at 9:33

amazon-web-services aws-opsworks ruby-on-rails-6

I have some Rails 6 applications, deployed at AWS, via Opsworks.

After upgrading to Rails 6 the app blocks the health check of its own instance and it causes the load balancer to take the instance down.

I would like to know how to whitelist all my EC2 instances automatically with dynamic IP addresses? Instead of adding one by one to config/application.rb?

Thanks

Rails.application.configure do
  # Whitelist one hostname
  config.hosts << "hostname"
  # Whitelist a test domain
  config.hosts << /application\.local\Z/
  # config.hosts.clear 
end

Countercheck answered 10/9, 2019 at 22:1 Comment(0)

The work-around that worked for me was

config.hosts.clear

Hatch answered 28/11, 2019 at 12:10 Comment(2)

Thank you, It looks like this is the current workaround for mee too, but it is not ideal since it disables the feature. Best – Countercheck 28/11, 2019 at 22:26

I do not think this is really safe as in this way, you will allow all hosts access to your application. You should rather whitelist the hosts you want. – Selfrealization 27/1, 2020 at 9:39

I posted this question a while back. A safer solution would be reading the IP addresses from environmental variables that can be set from the AWS console.

config.hosts << ENV["INSTANCE_IP"]
config.hosts << ENV["INSTANCE_IP2"]
...
config.hosts << ENV["INSTANCE_IPn"]

At least in this way it does not require a new git commit every time the IP address changes when the instance has a dynamic IP.

Countercheck answered 24/11, 2021 at 23:45 Comment(0)

remove any config.hosts << "hostname" from application.rb config - then rails won't block hosts

Sheeting answered 5/2 at 9:33 Comment(0)

Simple solution is to allow the Health Checker user agent, add this to your production.log

  config.host_authorization = {
    exclude: ->(request) { request.user_agent =~ /ELB-HealthChecker/ }
  }

Prop answered 21/12, 2022 at 17:32 Comment(0)

-1

Looks like it has been resolved in the latest versions atleast works on 6.1 and above

https://guides.rubyonrails.org/configuring.html#actiondispatch-hostauthorization

You can exclude certain requests from Host Authorization checks by setting config.host_configuration.exclude:

# Exclude requests for the /healthcheck/ path from host checking
Rails.application.config.host_configuration = {
  exclude: ->(request) { request.path =~ /healthcheck/ }
}

Belittle answered 3/3, 2022 at 18:52 Comment(1)

Note this is incorrect. Rails.application.config.host_configuration does not exist. it should be Rails.application.config.host_authorization – Prop 21/12, 2022 at 17:26

Recommended topics

Hot tags