Iain Brown wrote:
> Hello jason,
> j> I could type https://my.web.page/secure/index.html
> j> but how do I make it so that when a user hits
> j> http://my.web.page/secure/index.html his browser will automagically go
> j> into https mode?
> Make sure the virtual hosts for ports 80 and 443 are in different
> directories. In the /secure subdirectory on the non-SSL virtual host,
> in your .htaccess file, use
> RewriteEngine On
> RewriteRule (.*) https://my.web.page/secure/$1 [R]
> Requires mod_rewrite, of course.
I presume that Jason wants to treat the pages essentially as a unit, and
only bother SSLing one or two of them.
If it's an active page, have your script check for the appropriate
environment variable(s) and output a redirect-and-error-message page if
they're absent or wrong. With engines like PHP, where _everything_
automatically appears as a variable, automatically, use an explicit
getenv() call to avoid being spoofed by a form with funny field names.
If it's not active, too bad. Use Iain's method. (-:
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
