apache SSL help
Craig White
craigwhite at azapple.com
Tue Oct 17 10:53:15 MST 2006
On Tue, 2006-10-17 at 10:10 -0700, der.hans wrote:
> Am 17. Oct, 2006 schwätzte Craig White so:
>
> > In the sense that the only thing this server is doing is serving drupal
> > and it is the one I want to ensure is using SSL, no.
> >
> > What I am trying to accomplish is to require SSL on everything but one
> > specific URL.
> >
> > With the Redirect Permanent /drupal line commented out
> >
> > and the <Directory>/drupal SSLRequireSSL</Directory> commented out, life
> > is good but then of course, I don't ensure that I have that people are
> > using SSL and it's entirely possible for them to login and use their
> > network credentials without encryption.
>
> Can drupal be configged to only allow auth via SSL?
>
> Twould be a good feature :).
>
> I remember seeing something like that for either drupal or joomla.
>
> I'm using a rather convoluted mechanism with my drupal setups, but we only
> have a few people logging in, so I can direct them to the proper login
> page.
>
> That will be changing with one, so having a solution would be cool. In
> other words, please make sure to let us know what you did when you get it
> working :).
----
it's working good enough for now
a connection from outside always shifts...
http://srv3.tobyhouse.com is redirected to https://cms.tobyhouse.com
I would prefer to have the SSLRequireSSL directive and Redirect
Permanent /drupal directives for a lot of reasons but for now, they are
off.
Thanks
Craig
More information about the PLUG-discuss
mailing list