httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tero Lampiluoto" <lampilu...@gmail.com>
Subject Re: wiki: RedirectSSL request to move out of scratchpad
Date Wed, 24 Oct 2007 19:28:48 GMT
> On Wed, Oct 24, 2007 at 05:51:21PM +0200, Jorge Schrauwen wrote:
> > I'd like to see http://wiki.apache.org/httpd/RedirectSSL moved out of the
> > scratchpad.

On 10/24/07, Mads Toftum <mads@toftum.dk> wrote:
> There's several things that needs fixing:
>
> "Let's say you want [WWW] http://www.example.com/secure/ to always be
> sent over SSL"

Hi,

This topic kinda forced me to give my comments :) I've written
few one (or more) liners at #apache earlier about this.

I personally dislike the idea that https and http point to same
DocumentRoot and suggesting that as "defacto" for users (as
Apache HTTPd's default config, number of Rewrite examples
and e.g. this scratchpad page do).

In my opinion there's e.g. the 2 following simple things:
- availability/performance; If you don't need https for content,
  there's no point serving it with https
- confidentiality; If you need https, you usually _definately_ don't
  want that content/traffic via plain http

(...and passing this kind of redirection to .htaccess gives me shivers,
maybe my trust on Joe Average Apache user/"admin" understanding
AllowOverride is not that strong - especially when the site is migrated
to another server or there's major Apache HTTPd upgrade...)

I understand that default configuration has certain size limitations
and same applies to number of htdocs and "htdocs-ssl" directories
in default installation.

Wiki would be good place to point out this kind of considerations,
optional ways to configure and separate http/https sites etc.
Maybe giving a thought for security besides keep-it-simple...
Btw. if someone points out e.g. common image/css/js/etc files
which are required in both http and https - I kinda like features
that Alias offers ;)

Comments about writing my suggestions as proposal to wiki
are fair. I'm not sure whether I have the time etc right now...

Regards, lamp

-- 
 Tero Lampiluoto

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org


Mime
View raw message