Hi Ben,
If you want to not allow regular connections you can create a .htaccess
file and put the following command in it.
SSLRequireSSL
Adding this will cause an error if the page is accessed using http.
Cheers,
John
--- Ben Halliday <[EMAIL PROTECTED]> wrote:
>
> Hi list
>
> This is a good one, any help appreciated.
>
> I have a self-signed SSL certificate that works on just one of my
> virtual
> sites on my cobalt RAQ 4. I can view files with the URL
> https://xxx.xxx.xxx/index.htm and the traffic is encrypted at
> 128bits. All
> is fine there BUT, and its a big BUT. I can also see the file using
> the URL
> http://xxx.xxx.xxx/index.htm ????
>
> I thought that this would not be allowed cause it kind of spoils the
> point
> of SSL does it not?
>
> any ideas, or am I the dumb ass. . . again
>
> Thanks Ben
> _______________________________________________
> cobalt-security mailing list
> [EMAIL PROTECTED]
> http://list.cobalt.com/mailman/listinfo/cobalt-security
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
