try using mod_rewrite, you'll probably have to run configure again,
but that should do what you want
--mark
-----Original Message-----
From: St�phane THIBAUDEAU
To: [EMAIL PROTECTED]
Sent: 6/9/99 10:00 AM
Subject: securing a directory with SSLRequireSSL
Hi,
I'm using RedHat 5.2, Apache 1.3.6 and mod_ssl 2.2.8-1.3.6
I'd like to protect the directory
"/home/my_project/public_html/intranet/secure_area" with SSL to have it
unreachable using HTTP. But I'd like to provide access to pages in the
directory "/home/my_project/public_html/intranet/unsecure_area" using
HTTP
(I don't mind if it's possible to access it with HTTPS or not).
To do that, I wrote a ".htaccess" file in "secure_area" with only
SSLRequireSSL and I declared 2 virtual hosts as you can see below:
<VirtualHost linux-intranet:443>
SSLCACertificatePath /path/to/apache/conf/ssl.crt/
SSLCACertificateFile /path/to/apache/conf/ssl.crt/snakeoil-ca.crt
SSLCertificateFile /path/to/apache/conf/ssl.crt/snakeoil.crt
SSLCertificateKeyFile /path/to/apache/conf/ssl.key/snakeoil.key
SSLVerifyClient 0
SSLVerifyDepth 10
SSLLogFile /tmp/ssl.log
SSLEnable
DocumentRoot "/home/my_project/public_html/intranet"
</VirtualHost>
<VirtualHost linux-intranet:8003>
DocumentRoot "/home/my_project/public_html/intranet"
</VirtualHost>
My problem is that it's still possible to access "secure_area" with
HTTP.
What am I missing? Could you give me some advice to do what I want?
Thanks in advance,
St�phane.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
