On Tue, Nov 24, 1998, Surasak Sukhsawas wrote:
> How can I set it so that:
>
> - DocumentRoot is SSL enabled
> - UserDir ( ~user1, ~user2, ... ) is SSL disabled
> - /home/myOwnDir is SSL enabled
> - /home/SomeOneDir is SSL disabled
>
> with only one instance of mod_ssl httpd ( started by apachectl startssl ).
> I mean I don't want to have 2 daemons with 2 different configuration files
> running.
In general you have to bundle the SSL-enabled parts into an SSL-enabled
<VirtualHost> and the SSL-disabled parts into a normal <VirtualHost>.
But, when you say something "is SSL enabled" this is a little bit confusing.
Because not the resources are SSL enabled, the access to them _can_ be
SSL-enabled. I guess, what you actually want, is to _force_ SSL for some
resources, i.e. they should not be accessible without SSL?
Then it's this way: Setup two <VirtualHost> sections, one SSL-disabled and one
SSL-enabled, but both with the same directory configurations. And then use
SSLRequireSSL directives in the SSL-disabled <VirtualHost> to deny access to
some directories. This way with HTTPS you can access all resources and with
HTTP only some of them.
> Also how can I refer to UserDir in other part of *.conf ? I can't do this:
>
> <Directory UserDir>
> Options -ExecCGI
> </Directory>
>
> but I have to do this rather:
>
> <Directory /home/std/*/public_html>
> ...
> </Directory>
> <Directory /home/std2/*/public_html>
> ...
> </Directory>
Hmmm... no, you can't use symbolic names like UserDir. But perhaps you can use
a single <DirectoryMatch> instead of more <Directory> sections. This at least
reduces the redundancy in writing down the stuff a little bit.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]