Rob, You might want to use a restricted realm setup and use the authnname and setup a number of users to control the access. Part I: Restricting access. Using a authorization file on the folder in question is also possible, but if your users create subfolders, then they will be prompted to reauthenticate as they traverse the subfolders.
Using the Authusername might be easier. Part II: Secure vs. unsecure connections: If you have both 80 and 443 bound to each of these virtual websites, then users will be able to connect on each port. Inserting the access controls mentioned at the top will work across both. If you want to insure that users are not able to open this connection via 80, then do not include this port in your listen statements in http.conf. There are many different ways to deal with this. See the following for more details. Binding ports and the listen option: http://httpd.apache.org/docs-2.0/bind.html Authentication overview. http://httpd.apache.org/docs-2.0/howto/auth.html Users via a password file: http://httpd.apache.org/docs-2.0/howto/auth.html#gettingitworking Users via a groups file: http://httpd.apache.org/docs-2.0/howto/auth.html#lettingmorethanonepersonin On Fri, 8 Nov 2002, Robert Lagana wrote: > Hello, i> > Using mod_ssl .. on Apache .. I would like to secure two directories.. > > https://www.domain.com/homedir <https://www.domain.com/homedir> > > https://www.domain.com/homedir2 <https://www.domain.com/homedir2> > > Now if user go to http://www.domain.com <http://www.domain.com> will users > get a pop up saying that SSL is required? > > Is this just a matter of having Port 80 and Port 443 enabled? > > Do I set these directories up as virtual hosts? > > Is there a link someone can provided that explains this? > > Thanks, > Rob > > > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
