Actually, just take out the URL check from the HTTPS listener and it
will still work and your users will be able to browse the whole site
with SSL if they so desire. Personally, I would just run the whole site
behind SSL by default and redirect all non SSL requests to the ssl
version. Overhead is minimal to say the least and you get a lot of
benefits. It can solve issues of running say Varnish cache in front of
drupal not working properly because of ssl as well.
On fre 28 jun 2013 14:51:59, Alan McGinlay wrote:
This should do the trick:
ListenHTTP
Address IPADDR
Port 80
Service
HeadRequire "^Host:\s*mywebsite.com.*"
URL "/Login?user.*"
Redirect 301 "https://mywebsite.com"
End
Service
HeadRequire "^Host:\s*mywebsite.com.*"
BackEnd
Address yournormalbackend
Port 80
End
End
End
ListenHTTPS
Address IPADDR
Port 443
Cert "/etc/ssl/certs/cert.pem"
Service
HeadRequire "^Host:\s*mywebsite.com.*"
URL "/Login?user.*"
BackEnd
Address yournormalbackend
Port 80
End
End
End
That won't cover users trying to browse the rest of your site with
https enabled, add another service for that.
On 2013-06-28 14:08, PIEUX Emmanuel wrote:
Good morning,
I have a website to publish with Pound in http (ie
http://mywebsite.com).
I’d like the authentication page
(http://mywebsite.com/authentication/Login?user) be published in https,
and only this page.
How could I do that with Pound (and is it possible…)?
Sincerely
Emmanuel Pieux
*cid:image001.png@01CD9C8F.C7B90420
**Emmanuel PIEUX**– *Responsable de la sécurité des systèmes
d’information
*
*Chambre de Commerce et d'Industrie de Grenoble
1, place André Malraux - BP 297
38016 GRENOBLE CEDEX 1
T. 04 76 70 64 06 – M. 06 22 96 19 63
**www.grenoble.cci.fr <http://www.grenoble.cci.fr>
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.