In your Apache httpd.conf file, under the VirtualHost block that handles your mailman config, force Apache to use https instead of http, even when somebody types in http. You do it by adding the below 2 lines: (you have to have mod_rewrite compiled and installed in your Apache daemon)
RewriteEngine on RewriteRule ^/(.+) https://www.somedomain.com/cgi-bin/mailmanconfig [R,L] HTH- Eric >Hello! > >I'm using mailman, but only at a *very* small scale. > >While beeing satisfied about the ease of configuration and managment >of the lists, I am worried about the fact, that the list administrator >is sending the list password in cleartext over the net when logging in. > >Of course I give the admins the advice to use https:// instead of http:// >when logging in, but mailman does not enforce it. > >I think of diving into the code some day to see into it, but maybe I'm >too paranoid or you have yet a solution to this... > >Any thoughts? > > Jorge-Le�n > > >On Thu, Nov 08, 2001 at 01:59:51PM +0000, Martin WHEELER wrote: >> On Thu, 8 Nov 2001, Andre Luis Lopes wrote: >> >> > Em Qui 08 Nov 2001 10:19, Craigsc escreveu: >... >> It's worth it for the web-based administration and archiving alone. >... > > >-- >To UNSUBSCRIBE, email to [EMAIL PROTECTED] >with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
