Return-Path: Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 60951 invoked by uid 500); 17 Apr 2002 15:56:26 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 60934 invoked from network); 17 Apr 2002 15:56:26 -0000 Received: from mail.ci.stpaul.mn.us (HELO bruno.ci.stpaul.mn.us) (209.46.83.2) by daedalus.apache.org with SMTP; 17 Apr 2002 15:56:26 -0000 Message-Id: Date: Wed, 17 Apr 2002 10:56:11 -0500 From: "Pete Nelson" To: Subject: RE: SSL access Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N If you copied my example exactly, it probably won't work. The should use the full filesystem path to your secure_data directory: ... (Sorry, looking at my earlier advice, it was a little misleading) The only other thing I can think of, if that still doesn't work, is using virtual hosts - Deny from all -- Pete Nelson, Web Developer http://www.ci.stpaul.mn.us/ >>> htian@ias.edu 04/17/02 10:50AM >>> Pete, I did the following: SSLRequireSSL But both https and http still can access /secure_data. Anyone have more ideas about it? Thanks for your help. Hong -----Original Message----- From: Pete Nelson [mailto:pete.nelson@ci.stpaul.mn.us] Sent: Wednesday, April 17, 2002 11:39 AM To: users@httpd.apache.org Subject: Re: SSL access If you note the 'Context' for SSLRequireSSL (http://www.modssl.org/docs/2.8/ssl_reference.html#ToC22), you will see that it's for use in a directory, or .htaccess file. I believe you'd want something like this: SSLRequireSSL Can anyone confirm that? -- Pete Nelson, Web Developer http://www.ci.stpaul.mn.us/ >>> htian@ias.edu 04/17/02 10:33AM >>> Hi, Our web server is Apache+mod_ssl+OpenSSL. We have an important directory named secure_data. I don't want http (port 80) to access this directory of secure_data, but only allow https (port 443) to access it. I read the documentation of mod_SSL and try to use SSLRequire or SSLRequireSSL to resolve it. But the example is not clear to me. Could anyone provide some examples to resolve it? Thanks, Hong --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org