On Tue, Jul 20, 1999, Manuel Mollar wrote:
> > | \# Force clients from the Internet to use HTTPS
> > | RewriteEngine on
> > | RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.[0-9]+$
> > | RewriteCond %{HTTPS} !=on
> > | RewriteRule .* - [F]
>
> I need to put:
> RewriteCond %{ENV:HTTPS} !=on
> to get it working.
Really? Interesting. In mod_ssl there is a EAPI hook into which mod_ssl links.
Can you find out why it doesn't work for you?
> Some questions ...
>
> 1.- What means - in the expresion .* - [F]? Is simply a manner to get an error?
Yes, it's just to force a "forbidden" error.
> 2.- Something like:
>
> RewriteEngine on
> RewriteCond %{ENV:HTTPS} !=on
> RewriteRule .* - [F]
>
> is the same as SSLRequireSSL ?
Hmmm.... yes. But because of the additional REMOTE_ADDR is wasn't able to use
SSLRequireSSL.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
