Private Label SSL

From Booking Automation Wiki
Jump to: navigation, search
This page explains how to setup your own domain name with a SSL certificate

Showing the booking page securely requires using an SSL certificate for the secure https protocol. BookingAutomation has a certificate but if you use your own domain with our certificate the browser will show a warning message becasue the certificate must match your domain name.

Experienced network administrators can set the SSL up themselves using one of the options below:

Option 1: Using Cloudflare for SSL to open your control panel login

This has been tested and works on the free plan.

1) Create an account for your domain at Cloudflare.

2) Move your nameservers from your current host to Cloudflare.

3) Setup your DNS at Cloudflare for all existing services at your domain and sub domains. Cloudflare will attempt to do this automatically.

4) Add a CNAME record at Cloudflare for your private label domain or sub domain pointing to with proxy status = Proxied

5) Go to the Crypto menu in Cloudflare and change "SSL" = Full.

6) Go to CloudFlare -> SSL Tab -> Edge Certificates -> At Bottom page -> Enable Universal SSL

7) Wait up to 24 hours and your domain should open with https://

8) Once https:// is working, go to the Crypto menu in Cloudflare and set "Always use HTTPS" = ON

Option 2: Using Cloudflare for SSL to open your booking page

1) Follow all the steps above in "Using Cloudflare for SSL to open your control panel login"

2) Go to the menu "Page Rules in Cloudflare

3) Add a new rule and for "If the URL matches" enter your private label domain.

4) Add the rule type "Forwarding Url" with "Permanent 301" type

5) For the forwarding domain, enter your private label domain and add booking.php?propid=12345 where 12345 is the property you want to open. You can open all properties with booking.php?ownerid=1234 where 1234 is your BookingAutomation owner id number.

for example

Option 3: Installing your own reverse proxy server

It is possible to do this yourself on your own server. We cannot provide support for any work on your server. These instructions are for a LAMP server.

{{#fas:exclamation-triangle}} You will need root access to your server, the ability to configure apache and the ability to install a SSL certificate. In principle a small virtual server should be adequate.

1) Setup a LAMP server for your domain.

2) Purchase an SSL certificate for your domain.

3) Setup apache to serve your domain using https:

For the proxy specify SSLProxyEngine On

4) Setup apache to work as a reverse proxy using one of the following configurations for your Apache Virtual Host.

 # We're not an open proxy
 ProxyRequests off
 # Proxying is available for anyone
 <Proxy *>
   Order deny,allow
   Allow from all
 # The site we're proxying 
 ProxyPass /
 ProxyPassReverse /

5) Create an A record for your domain pointing at your proxy server's IP address. If you have previously created a CNAME record for non SSL don't forget to remove it.

6) Install mod_evasive to block excessive traffic from individual IP's and prevent your entire proxy being blacklisted

apt-get install libapache2-mod-evasive

These are appropriate configuration values to enter in evasive.conf

DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 10
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10

{{#fas:exclamation-triangle}} If you are not using a LAMP proxy server, make sure your server sends requests with HTTP_X_FORWARDED_HOST set as your domain name.

Option 4: Fully managed secure proxy from BookingAutomation

We can purchase and install a certificate, provide you with a private ip address and a reverse proxy server on our servers for a fee.

Contact support for information about the charge.