You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Nathan Kellogg <ap...@nwlocation.com> on 2006/12/13 00:00:32 UTC
[users@httpd] ssl - force ssl per directory
We have open ssl running fine on Apache 2.2.3.
A separate virtual host is defined for both the :80 port and for :443
In order that the .../secure/... directory be handled exclusively by the
SSL host, we have :
in the :80 vhost :
Redirect permanent c:/orcourt/htdocs/secure
https://www.orcourtsonline.com/htdocs/secure
and in the :443 vhost :
<Directory c:/orcourt/htdocs/secure/>
SSLRequireSSL
</Directory>
~~~~~~~~~~~~~~~~~~~~~
The problem is that requests for
http://www.orcourtsonline.com/secure/* still get handled by the :80 host.
What am I doing wrong here?
btw - this cant be tested form outside.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ssl - force ssl per directory
Posted by Gregor Schneider <rc...@googlemail.com>.
My suggestion:
<VirtualHost *:80>
ServerName your_server
ServerAdmin webmaster@localhost
# don't loose time with IP address lookups
HostnameLookups Off
# needed for named virtual hosts
UseCanonicalName Off
#
RewriteEngine On
RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1
RewriteLog /var/log/apache2/your_server_rewrite.log
# RewriteLogLevel 9
</VirtualHost>
<VirtualHost *:443>
ServerName your_server
ServerAdmin webmaster@localhost
# don't loose time with IP address lookups
HostnameLookups Off
# needed for named virtual hosts
UseCanonicalName Off
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel info
ServerSignature Off
# SSL
SSLEngine On
[...]
</VirtualHost>
cheers
Greg
--
what's puzzlin' you, is the nature of my game
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ssl - force ssl per directory
Posted by Joshua Slive <jo...@slive.ca>.
On 12/12/06, Nathan Kellogg <ap...@nwlocation.com> wrote:
> We have open ssl running fine on Apache 2.2.3.
>
> A separate virtual host is defined for both the :80 port and for :443
>
> In order that the .../secure/... directory be handled exclusively by the
> SSL host, we have :
See:
http://wiki.apache.org/httpd/Recipes/RedirectSSL
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ssl - force ssl per directory
Posted by Steve Swift <st...@gmail.com>.
You are specifying a file in your redirect. My documentation states:
Syntax: Redirect [status] URL-path URL
The old URL-path is a (%-decoded) path beginning with a slash. A relative
path is not allowed.
On 12/12/06, Nathan Kellogg <ap...@nwlocation.com> wrote:
>
> We have open ssl running fine on Apache 2.2.3.
>
> A separate virtual host is defined for both the :80 port and for :443
>
> In order that the .../secure/... directory be handled exclusively by the
> SSL host, we have :
>
> in the :80 vhost :
>
> Redirect permanent c:/orcourt/htdocs/secure
> https://www.orcourtsonline.com/htdocs/secure
>
> and in the :443 vhost :
>
> <Directory c:/orcourt/htdocs/secure/>
>
> SSLRequireSSL
>
> </Directory>
>
>
> ~~~~~~~~~~~~~~~~~~~~~
>
> The problem is that requests for
> http://www.orcourtsonline.com/secure/* still get handled by the :80 host.
>
> What am I doing wrong here?
>
>
> btw - this cant be tested form outside.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
--
Steve Swift
http://www.swiftys.org.uk