https://bz.apache.org/bugzilla/show_bug.cgi?id=61519
--- Comment #9 from Reindl Harald <[email protected]> --- it IS worth when you have some hundrets of virtual hosts on dozens of machines which all have php_admin_value settings for open_basedir and so on and as we do migrate to everything-encrypted with letsencrypt certificates as you need to listen at port 80 even when you send HSTS headers and redirect after the first non-ssl connection this would mean 500 additional cloned <VirtualHost> definitions in our case we decide via DNS if a domain goes over the TLS-offloading proxy or if it is a low-traffic site directly to the apache server and so every <VirtualHost> contains the construct below <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{CONN_REMOTE_ADDR} !^proxy-lan-ip RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </IfModule> proxy-configuration is generated based on parsed vhost-config-files from the origins - including look at that redirect stuff to make the decision if the procy itself should redirect to https before contact the origin at all you *really* don't want to deal with hundrets of cloned VirtualHost-definiton or even worse with special treatment instead of such a unified "fits all" configuration -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
