httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pete Nelson" <pete.nel...@ci.stpaul.mn.us>
Subject RE: SSL access
Date Wed, 17 Apr 2002 15:56:11 GMT
If you copied my example exactly, it probably won't work.  The
<Directory> should use the full filesystem path to your secure_data
directory:

<Directory {your DocumentRoot}/secure_data>
  ...

(Sorry, looking at my earlier advice, it was a little misleading)

The only other thing I can think of, if that still doesn't work, is
using virtual hosts - 

<VirtualHost *:80>
  <Location /secure_data>
    Deny from all
  </Location>
</VirtualHost>

<VirtualHost *:443>
</VirtualHost>


--
Pete Nelson, Web Developer
<pete.nelson@ci.stpaul.mn.us>
http://www.ci.stpaul.mn.us/

>>> htian@ias.edu 04/17/02 10:50AM >>>
Pete,

I did the following:

<Directory /secure_data>
  SSLRequireSSL
</Directory>

But both https and http still can access /secure_data.
Anyone have more ideas about it?

Thanks for your help.
Hong

-----Original Message-----
From: Pete Nelson [mailto:pete.nelson@ci.stpaul.mn.us] 
Sent: Wednesday, April 17, 2002 11:39 AM
To: users@httpd.apache.org 
Subject: Re: SSL access


If you note the 'Context' for SSLRequireSSL
(http://www.modssl.org/docs/2.8/ssl_reference.html#ToC22), you will
see that it's for use in a directory, or .htaccess file.  I believe
you'd want something like this:

<Directory /secure_data>
  SSLRequireSSL
</Directory>

Can anyone confirm that?

--
Pete Nelson, Web Developer
<pete.nelson@ci.stpaul.mn.us>
http://www.ci.stpaul.mn.us/ 

>>> htian@ias.edu 04/17/02 10:33AM >>>
Hi,

Our web server is Apache+mod_ssl+OpenSSL.
We have an important directory named secure_data. I don't want http
(port
80)
to access this directory of secure_data, but only allow https (port
443) to
access it.

I read the documentation of mod_SSL and try to use SSLRequire or
SSLRequireSSL
to resolve it. But the example is not clear to me.

Could anyone provide some examples to resolve it?

Thanks,
Hong




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org 
For additional commands, e-mail: users-help@httpd.apache.org 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org 
For additional commands, e-mail: users-help@httpd.apache.org 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org 
For additional commands, e-mail: users-help@httpd.apache.org 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message