apache SSL help

Craig White craigwhite at azapple.com
Tue Oct 17 10:28:44 MST 2006


On Tue, 2006-10-17 at 10:10 -0700, der.hans wrote:
> Am 17. Oct, 2006 schwätzte Craig White so:
> 
> > In the sense that the only thing this server is doing is serving drupal
> > and it is the one I want to ensure is using SSL, no.
> >
> > What I am trying to accomplish is to require SSL on everything but one
> > specific URL.
> >
> > With the Redirect Permanent /drupal line commented out
> >
> > and the <Directory>/drupal SSLRequireSSL</Directory> commented out, life
> > is good but then of course, I don't ensure that I have that people are
> > using SSL and it's entirely possible for them to login and use their
> > network credentials without encryption.
> 
> Can drupal be configged to only allow auth via SSL?
> 
> Twould be a good feature :).
> 
> I remember seeing something like that for either drupal or joomla.
> 
> I'm using a rather convoluted mechanism with my drupal setups, but we only
> have a few people logging in, so I can direct them to the proper login
> page.
> 
> That will be changing with one, so having a solution would be cool. In
> other words, please make sure to let us know what you did when you get it
> working :).
----
me thinks not...

# grep -r ssl /var/www/html/drupal | grep -v expressly | grep -v
accesslog | grep -v painlessly | grep -v civicrm

/var/www/html/drupal/includes/common.inc:      $fp =
@fsockopen('ssl://'. $uri['host'], $port, $errno, $errstr, 20);

# grep -r SSL /var/www/html/drupal | grep -v expressly | grep -v
accesslog | grep -v painlessly | grep -v civicrm

/var/www/html/drupal/includes/common.inc:      // Note: Only works for
PHP 4.3 compiled with OpenSSL.

Craig



More information about the PLUG-discuss mailing list