>I have a site that uses https (Secure Sockets) and http intermingled. There
>are some pages that I would like to prevent people from accessing unless
>they come in via https. For example, let's say I have the page "fred.html"
>and I only want people to be able to access it via SSL, as such:
>
>https://www.xyz.com/fred.html
>
>is there a way to give them an error message (or cause an automatic
>redirect) if they type in:
>
>http://www.xyz.com/fred.html
if you're running SSL as i understand it, you'll have two separate httpds
(though both can be virtual servers): one to handle straight http
requests, and one for https.
if so, you can go into the config file for the straight httpd and put in
directives which will redirect non-secure requests to the secure server:
Redirect /fred.html https://www.xyz.com/fred.html
of course, that can be cumbersome for individual files, so it would be
easiest to redirect an entire directory and simply dump your 'must be
secure' files there.
depending on the way you set up your access permissions, you can put the
same type of directive in a local .htaccess file.
mike stone <[EMAIL PROTECTED]>
____________________________________________________________________
--------------------------------------------------------------------
Join The Web Consultants Association : Register on our web site Now
Web Consultants Web Site : http://just4u.com/webconsultants
If you lose the instructions All subscription/unsubscribing can be done
directly from our website for all our lists.
---------------------------------------------------------------------
