On Tue, 2006-10-17 at 11:30 -0500,
alex@crackpot.org wrote:
> Quoting Craig White <craigwhite@azapple.com>:
>
> > On Tue, 2006-10-17 at 10:56 -0500, alex@crackpot.org wrote:
> >> Quoting alex@crackpot.org:
> >>
> >> > You need 2 virtual hosts. One for normal http, and the other for
> >> > https. I just wrote these samples off the top of my head, so you
> >> > might need to check the syntax in the docs, but this setup will work.
> >> >
> >> > NameVirtualHost 0.0.0.0
> >> >
> >> > <VirtualHost 0.0.0.0:80>
> >> > ServerName cms.tobyhouse.com
> >> > Redirect / https://cms.tobyhouse.com/
> >> > </VirtualHost>
> >> >
> >> > <VirtualHost 0.0.0.0:443>
> >> > ServerName cms.tobyhouse.com
> >> > SSLRequireSSL
> >> > # other directives
> >> > </VirtualHost>
> >>
> >> Sorry, Craig, I should have read your post a little closer.
> >> SSLRequireSSL need to be in a <Directory> like you have it, not in the
> >> <VirtualHost>. How to relax the SSLRequireSSL in a subdirectory? I
> >> don't know that one, but I'll keep looking.
> > ----
> > actually, the killer seems to be the Redirect Permanent /drupal line
> > because even if I just do a 'wget
> > http://localhost/drupal/modules/civicrm/extern/soap.php' the Redirect is
> > in play and it shifts automatically to an https request
> >
>
> If you'd like to redirect all requests to https, except that
> directory, I think you can use RedirectMatch, and write a regexp to
> exclude the /drupal directory.
> http://httpd.apache.org/docs/2.0/mod/mod_alias.html#redirectmatch
>
> Does that sound useful?
----
In the sense that the only thing this server is doing is serving drupal
and it is the one I want to ensure is using SSL, no.
What I am trying to accomplish is to require SSL on everything but one
specific URL.
With the Redirect Permanent /drupal line commented out
and the <Directory>/drupal SSLRequireSSL</Directory> commented out, life
is good but then of course, I don't ensure that I have that people are
using SSL and it's entirely possible for them to login and use their
network credentials without encryption.
Craig
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss