If a user uses the link http://site.com/ssl_site
they are able to access my "secure site" this in spite of the fact that the
secure directory requires authentication (that is bypassed too!)
my configuration includes
<Directory "/web/empweb">
Options Indexes FollowSymlinks
AllowOverride AuthConfig
order deny,allow
allow from all
SSLRequireSSL
</Directory>
the main directory, web, is the public document root, the empweb requires
passphrase and is supposed to be served on 443.
I'm using
SSLPassPhraseDialog builtin
any thoughts or ideas?
thanks,
Penny
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
