You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Leon Stringer <le...@ntlworld.com> on 2006/01/28 21:29:47 UTC
[users@httpd] HTTP or HTTPS access based on subnet
Hi,
I'm looking at encrypting traffic to a web server and have successfully
generated a certificate and key, set up a VirtualHost for port 443.
I then used Redirect to send requests to the old URL (on port 80) to the
VirtualHost to prevent port 80 access.
This appears to be working fine.
However, what I'd ideally like to do is allow traffic from my LAN access
on port 80 (e.g. anyone from 192.168.0.0/24) but make everyone else go
the HTTPS route. I've seen the Allow/Deny entries but I don't seem to be
able to get a legal combination of these and my other settings.
Presumably this is a common thing to want to do, but there's nothing
obvious from my searches so far.
Advice and assistance gratefully received,
Leon...
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] HTTP or HTTPS access based on subnet
Posted by Leon Stringer <le...@ntlworld.com>.
On Sat, 2006-01-28 at 15:34 -0500, Joshua Slive wrote:
>
> Order Deny,Allow
> Deny from all
> Allow from 192.168.0.0/24
> ErrorDocument 403 https://yoursite.example.com/
>
> But people often use mod_rewrite for a task like this to gain more
> precise controls over what URLs are redirected where. (For example,
> if you wanted to make sure the specific path was carried over to the
> other site, you would want to use mod_rewrite.)
>
> Joshua.
>
Thanks, I'll try that out.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] HTTP or HTTPS access based on subnet
Posted by Joshua Slive <jo...@slive.ca>.
On 1/28/06, Leon Stringer <le...@ntlworld.com> wrote:
> Hi,
>
> I'm looking at encrypting traffic to a web server and have successfully
> generated a certificate and key, set up a VirtualHost for port 443.
>
> I then used Redirect to send requests to the old URL (on port 80) to the
> VirtualHost to prevent port 80 access.
>
> This appears to be working fine.
>
> However, what I'd ideally like to do is allow traffic from my LAN access
> on port 80 (e.g. anyone from 192.168.0.0/24) but make everyone else go
> the HTTPS route. I've seen the Allow/Deny entries but I don't seem to be
> able to get a legal combination of these and my other settings.
>
> Presumably this is a common thing to want to do, but there's nothing
> obvious from my searches so far.
Order Deny,Allow
Deny from all
Allow from 192.168.0.0/24
ErrorDocument 403 https://yoursite.example.com/
But people often use mod_rewrite for a task like this to gain more
precise controls over what URLs are redirected where. (For example,
if you wanted to make sure the specific path was carried over to the
other site, you would want to use mod_rewrite.)
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org