httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <>
Subject Re: [users@httpd] redirecting or rewriting urls of aliased directories to SSL port
Date Tue, 27 Aug 2002 14:24:32 GMT
On Tue, 27 Aug 2002 wrote:

> What's the best way to redirect or rewrite nonsecure requests to aliased
> directories so that they go to the SSL port? Doing this:
> Redirect /  https://mysystem
> only works for the DocumentRoot, not the Aliased directories. Those just
> fail. Thanks.

I usually do

	<VirtualHost xxxx:443>
	        Servername intranet....
	        ServerAlias ...
		SSLEngine On

	<VirtualHost xxxx:80>
	        Servername intranet....
	        ServerAlias ...

        	Documentroot    /usr/.../intranet/
	        TransferLog     ...

        	# Redirect *everything* to SSL.
	        RewriteEngine on
	        RewriteRule     ^(.*)$1 [R=301]

And then - just to be paranoid; enforce the SSL explicit on each
directory which needs a login plaintext over SSL.

	<Directory /usr..../intranet>
	        # Make rather sure we are using TLS before we start
	        # messing with passwords and all that.
	        RewriteEngine On
	        RewriteCond %{HTTPS} != on
	        RewriteRule (.*) [R]

        	# Ask password
	        AuthType Basic
	        AuthUserFile ...
        	AuthName ...
	        require valid-user

This is also easily combined with Digest Auth; i.e. insist on either
BasicAUth+SSL or Digest on either.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message