Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by JohnCrown: http://wiki.apache.org/httpd/ScratchPad/RedirectSSL The comment on the change is: added email, removed search, added likepages ------------------------------------------------------------------------------ [[Navigation(slideshow)]] - [[FullSearch]] = Redirect Request to SSL = Let's say you want http://www.domain.com/secure/ to always be sent over SSL (I presume here that both the normal and the SSL vhost have the same content). You could do this by linking to the correct page from within your HTML pages... but there will always be some user who will sneak by it that way. @@ -53, +52 @@ [[Anchor("context_htaccess")]] == Context: .htaccess, server config, virtual host, directory == - [[Anchor("most_secure_ssl_redirect_method)]] === Most Secure SSL Redirect Method (doesn't require mod_rewrite!) === [[FootNote(Based on article at http://www.askapache.com/2006/htaccess/apache-ssl-in-htaccess-examples.html with explicit permission given by site owner and article author to repost here.)]][http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#ssloptions SSLOptions +StrictRequire] forces forbidden access (403) when `SSLRequireSSL` or `SSLRequire` decide access should be forbidden. Usually where a [http://httpd.apache.org/docs/trunk/mod/mod_access_compat.html#satisfy Satisfy Any] directive is used, this denial of access is overridden. For strict access restriction you can use `SSLRequireSSL` and/or `SSLRequire` in combination with an `SSLOptions +StrictRequire` Then an additional `Satisfy Any` has no chance once [http://httpd.apache.org/docs/trunk/mod/mod_ssl.html mod_ssl] has decided to deny access. @@ -105, +103 @@ http'''s'''://askapache.com/index.html:NOSSL ==> http://askapache.com/index.html }}} - ---- [[FootNote()]] + ---- + [[LikePages]] - ---- - [wiki:ScratchPad ScratchPad] -
