Per my earlier post, if this directive works,
I suppose folks are building one secure server
with secure directories that are in
the virtual hosted server areas.....would that be a
good way to go about it?
i.e. one secure web server off port 443, multiple
virtual hosts, but with secure directories under
the virtual host directory...
Hope I'm not confusing you!
Thanks for your responses!
-Arthur.
-----Original Message-----
From: Brett W. McCoy [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 08, 2001 3:53 PM
To: [EMAIL PROTECTED]
Subject: SSLRequireSSL
Maybe I am missing something about the use of SSLRequireSSL, but I am
trying to control access to a directory so that only connections using SSL
to that directory can be made. But no matter what directory I use that
directive in, non-SSL connections can still connect to anything in that
directory.
I have this in my httpd.conf:
<Directory "/usr/local/apache/1.3.14/htdocs">
SSLRequireSSL
</Directory>
I have also tried using SSLRequire and restricting access but all that
does is deny SSL-connections but allow non-SSL connections.
I'm using StrongHold 3.0 on Solaris and am also trying this on Win2k with
Apache 1.3.14, and I have the same problem in both places. The docs, it
seems, don't seem very clear on this -- I have copied the example straight
out of the mod_ssl manual.
-- Brett
http://www.chapelperilous.net/~bmccoy/
------------------------------------------------------------------------
Labor, n.:
One of the processes by which A acquires property for B.
-- Ambrose Bierce, "The Devil's Dictionary"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
