RE: forcing secure via name (off topic?)

Mon, 10 May 1999 21:45:24 -0700 

Configure virtual hosts secure.hostname.org:80 and secure.hostname.org:443, 
let the secure.hostname.org:80 point to a different directory where you put 
a little PHP script as index.php3 (or use some extension recognized by 
Apache as being a PHP script) containing:

Header("Location: https://secure.hostname.org");

That should force HTTPS on secure.hostname.org without disabling initial 
HTTP access. (You  need to do check on the requested page if you want to 
include that into the redirection - I currently don't know which 
environmont variable that is).

Since www.hostname.org sits on the same IP/port address, all HTTPS requests 
to www.hostname.org are resolved to secure.hostname.org, meaning 
https://www.hostname.org has the same contents as 
https://secure.hostname.org. I don't think you can avoid that, unless you 
evaluate the hostname used on access of secure.hostname.org; if it is not 
secure.hostname.org you could do another re-direct.

I actually haven't tried any of this, but I hope it works or at least 
points you into the right direction. If you find an elegant solution for 
the SSL disabling on www.hostname.org, please let me know, I am about to do 
something similar.

Juergen

-----Original Message-----
From:   Eric Gus [SMTP:[EMAIL PROTECTED]]
Sent:   Tuesday, May 11, 1999 2:21 PM
To:     [EMAIL PROTECTED]
Subject:        forcing secure via name (off topic?)

Server Version: Apache/1.3.6 (Unix) mod_perl/1.19 PHP/3.0.7 mod_ssl/2.2.8
OpenSSL/0.9.2b

works fine as http and as https.

How can I force ssl when a user uses the url http://secure.hostname.org
(redirect/rewrite to https://secure.hostname.org) and deny ssl for
http(s)://www.hostname.org

I'd like to do this using a single ip.

I have 2 other virtuals (ip based), 1 of which will work under 80 or 443
(as wanted)

Do I have to do any dns entry changes?

the server currently responds as hostname.org and www.hostname.org

Gus




______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to