How to run apache in https only ?

2003-02-23 Thread Jay Moore 
I know this is a bit off-topic for this list, and I deserve all the 
flames I get... But I'm in a hurry, so here goes...

I want to run Apache so it responds only to https on port 443; http 
requests are to be simply ignored. I thought I knew how to do this, but 
then read something about using mod_rewrite which gave me a headache. 
Is there a simple how-to describing how to run your server so it 
responds only to https over port 443?

Thanks,
Jay
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: How to run apache in https only ?

2003-02-23 Thread Cliff Woolley 
On Sun, 23 Feb 2003, Jay Moore wrote:

 I want to run Apache so it responds only to https on port 443; http
 requests are to be simply ignored. I thought I knew how to do this, but
 then read something about using mod_rewrite which gave me a headache.
 Is there a simple how-to describing how to run your server so it
 responds only to https over port 443?

Sure.  See the SSLRequireSSL directive.
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: How to run apache in https only ?

2003-02-23 Thread R. DuFresne 

there are a couple of areas to check to see if your settings are correct
for this;


...
# BindAddress: You can support virtual hosts with this option. This
directive
# is used to tell the server which IP address to listen to. It can either
# contain *, an IP address, or a fully qualified Internet domain name.
# See also the VirtualHost and Listen directives.
#
#BindAddress *
...
#
# Port: The port to which the standalone server listens. For
# ports  1023, you will need httpd to be run as root initially.
#
Port 80
...
for apache 2.0.xx, this might be in an ssl specifici configuration file
as the tendancy is once again for 'segmentation'
##  SSL Support
##
##  When we also provide SSL we have to listen to the
##  standard HTTP port (see above) and to the HTTPS port
##
IfDefine SSL
Listen someplace.com:80
Listen someplace.com:443
/IfDefine


port 80 references are http, port 443 references are https.  Edit these
settings as appropriate for your setup.  Providing those are properly set
and the certs properly generated and available as stated in the configs,
then your systems should listen at the proper address/interface on the
appropriate port there for connections/services.  I believe bindaddress
has been depriciated for the listen directive.

Thanks,

Ron DuFresne


On Sun, 23 Feb 2003, Jay Moore wrote:

 I know this is a bit off-topic for this list, and I deserve all the 
 flames I get... But I'm in a hurry, so here goes...
 
 I want to run Apache so it responds only to https on port 443; http 
 requests are to be simply ignored. I thought I knew how to do this, but 
 then read something about using mod_rewrite which gave me a headache. 
 Is there a simple how-to describing how to run your server so it 
 responds only to https over port 443?
 
 Thanks,
 Jay
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 

-- 
~~
admin  senior security consultant:  sysinfo.com
http://sysinfo.com

Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation.
-- Johnny Hart

testing, only testing, and damn good at it too!

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]