DNS records cannot define the protocol for a domain, therefore you can't redirect http://to https://through DNS. Doing it through the web server configuration is not portable, hard to do, error prone and just plain outdated. This is a job best handled by the Rails router.

DNS 记录无法定义域的协议，因此您无法通过 DNS重定向http://到https://。通过 Web 服务器配置来完成它是不可移植的、难以做到的、容易出错的并且已经过时了。这是最好由 Rails 路由器处理的工作。

# beginning of routes.rb 
match "*path" => redirect("https://www.mysite.com/%{path}"), :constraints => { :protocol => "http://" }
match "*path" => redirect("https://www.mysite.com/%{path}"), :constraints => { :subdomain => "" }

As an extension to user2100689's answer, in Rails 3+ you can use config.force_ssl = truein config/environments/production.rb

作为user2100689 答案的扩展，在 Rails 3+ 中，您可以config.force_ssl = true在config/environments/production.rb 中使用

The line can just be uncommented as follows

该行可以取消注释如下

# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true

Because this is Heroku, you cannot use apache or nginx configs. What you can do is put a before_filter in your ApplicationController, assuming you have 3 or more controllers like these below, although of course they will be in separate files

因为这是 Heroku，所以不能使用 apache 或 nginx 配置。你可以做的是在你的 ApplicationController 中放置一个 before_filter，假设你有 3 个或更多像下面这样的控制器，当然它们将在单独的文件中

class ApplicationController < ActionController::Base
    def redirect_https        
        redirect_to :protocol => "https://" unless request.ssl?
        return true
    end
    before_filter :redirect_https
end
class TypicalController < ApplicationController
    def blah
    end
end
class HomePageController < ApplicationController
    skip_before_filter :redirect_https
end

You may also need to fiddle your routes a bit when using devise, but I suspect that was just the way we did it so I won't get into those details here, and I've modified the code above to avoid that complication.

在使用 devise 时，您可能还需要稍微调整您的路线，但我怀疑这正是我们这样做的方式，所以我不会在这里详细介绍这些细节，并且我已经修改了上面的代码以避免这种复杂化。

happy hacking.

快乐的黑客。

Rails 3.1.0 and higher has force_ssl, which is a controller method that will redirect to https for non-development environments.

Rails 3.1.0 及更高版本具有force_ssl，这是一个控制器方法，将重定向到非开发环境的 https。

http://api.rubyonrails.org/classes/ActionController/ForceSSL/ClassMethods.html

http://api.rubyonrails.org/classes/ActionController/ForceSSL/ClassMethods.html

Place it in each controller that you want to redirect, or better yet, place it in your ApplicationController:

把它放在你想要重定向的每个控制器中，或者更好的是，把它放在你的 ApplicationController 中：

app/controllers/application.rb:

应用程序/控制器/application.rb：

class ApplicationController < ActionController::Base
  # ...
  force_ssl
  # ...
end

This is a good thing to always include in your apps (and of course you'll have to get a certificate). HTTPS Everywhere!

始终将其包含在您的应用程序中是一件好事（当然，您必须获得证书）。HTTPS无处不在！

You can always throw this in your production.rb... config.use_ssl = true

你总是可以把它扔到你的 production.rb 中... config.use_ssl = true

DO it in your vhosts file.

在您的 vhosts 文件中执行此操作。

Setup a SSL vhost.

设置 SSL 虚拟主机。

In your standard port 80 virtual host. Add this to the config:

在您的标准端口 80 虚拟主机中。将此添加到配置中：

Redirect permanent / https://www.mysite.com

This will forward all port 80 requests to https.

这会将所有端口 80 请求转发到 https。