Return-Path: Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 72779 invoked by uid 500); 18 Aug 2003 18:10:14 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 72765 invoked from network); 18 Aug 2003 18:10:14 -0000 Received: from castor.internet.acbl.net (HELO castor.dmz.acbl.net) (65.203.89.252) by daedalus.apache.org with SMTP; 18 Aug 2003 18:10:14 -0000 Received: (qmail 23453 invoked by uid 1006); 18 Aug 2003 18:10:18 -0000 Received: from unknown (HELO dopey.acbl.net) (172.16.100.13) by castor.acbl.net with SMTP; 18 Aug 2003 18:10:18 -0000 Received: by dopey.acbl.net with Internet Mail Service (5.5.2653.19) id ; Mon, 18 Aug 2003 14:10:17 -0400 Message-ID: <961762B3A2CED411BA0F0000E866BBF505C9381C@dopey.acbl.net> From: "Peters, Michael D." To: "'users@httpd.apache.org'" Date: Mon, 18 Aug 2003 14:10:16 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Subject: RE: [users@httpd] Forcing SSL? Thanks, I'll try that. That seems better than just not listening on 80. Best regards, Michael D. Peters -----Original Message----- From: Leif W [mailto:warp-9.9@usa.net] Sent: Monday, August 18, 2003 1:55 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Forcing SSL? ----- Begin Original Message ----- From: Peters, Michael D. To: Users@Httpd. Apache. Org (E-mail) Sent: Monday, August 18, 2003 1:32 PM Subject: [users@httpd] Forcing SSL? What is the recommended method of forcing only https connections? Best regards, Michael D. Peters ----- End Original Message ----- Hello, Please send future messages as plain text, as most users dislike them and it may munge the web-archives or something. I'm not sure if this is the best way, but I've used a permanent redirect on my test site. Set up a virtual host listening on port 80 to catch and log http requests, and do a permanent redirect to https. See EXAMPLE 1 below. This seems to also automagically tack on anything after the / , see EXAMPLE 2 below. Hope this helps, and if anything I say is incorrect or not recommended, I'm sure someone(s?) will point that out and offer an alternative(s). Leif ================ EXAMPLE 1 ================ NameVirtualHost *:80 ServerName www.site1.net # ServerAdmin, Log declarations RedirectPermanent / https://www.site1.net/ Listen 443 NameVirtualHost *:443 ServerName www.site1.net # ServerAdmin, Logs, DocumentRoot, Directory # SSL specific options copied from the ssl.conf ================ EXAMPLE 2 ================ URL typed in browser or referenced by a page: http://www.site1.net/ (apache tells the browser to permanently redirect to the https site) URL now visible in browser: https://www.site1.net/ URL typed in browser or referenced by a page: http://www.site1.net/some/path/to/page.php (apache tells the browser to permanently redirect to the https site) URL now visible in browser: https://www.site1.net/some/path/to/page.php --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org