httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Barry (" <>
Subject [users@httpd] Securing individual directories (SSL)
Date Tue, 12 Oct 2004 17:24:06 GMT
I'm attempting to setup secure https for JUST the documentroot of my
webserver so that the login process is done via https, and once logged in,
it switches back to http.

Currently, I have the entire server running strictly https via rewrite
conditions like the following:

RewriteEngine       on
RewriteCond %{SERVER_PORT}  !^443$
RewriteRule ^/(.*)          https://%{SERVER_NAME}/$1 [NC,R,L]

Here is how my current virtualhost setup is configured:

<VirtualHost _default_:443>
DocumentRoot "/var/www/html"
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/
SSLCACertificateFile /usr/share/ssl/certs/ca-bundle.crt

<VirtualHost *:80 >
DocumentRoot /var/www/html
RewriteEngine       on
RewriteCond %{SERVER_PORT}  !^443$
RewriteRule ^/(.*)          https://%{SERVER_NAME}/$1 [NC,R,L]

So, what I'd like to do is setup https for only the var/www/html directory,
and any subdirectories will be http (eg. /var/www/html/products would be

Can anyone give me some tips (or let me know if it's even possible) on what
I'd need to change in order to do this? I'm not terribly fluent with Apache,
but I understand the basics.

Thanks very much for your time,

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message