-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
don't open or bind to port 80, load the mod_ssl and force the browser to load and bind only to 443. All done in the httpd.conf. and then backed up with the firewall or screening router to deny port 80 requests.
Thanks, Ron DuFresne On Tue, 5 Jul 2005, Hoda Nadeem wrote:
What is the easiest and cleanest way to entirely turn all non-SSL traffic off and only allow SSL traffic to pass through? Thanks. Nadeem Note: We are trying to use mod_rewrite, and it is currently messing up the mod_jk connector: <IfModule mod_rewrite.c> RewriteEngine On #Accept nothing else than login processing on port 443 RewriteCond %{SERVER_PORT} !443 RewriteRule ^/(.*) <our domain name>/$1 [L,R] </IfModule>
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629 ...We waste time looking for the perfect lover instead of creating the perfect love. -Tom Robbins <Still Life With Woodpecker> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFCyr2Bst+vzJSwZikRAhDrAJ0bRcpay0dt4Gxsm/NYEQjGvdDRAgCg2R4l Z97Ie5WhpPi3ziXffx4Wb70= =aVTr -----END PGP SIGNATURE----- ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]