Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (hermes.apache.org: local policy)
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 12 Oct 2004 13:53:02 -0400
Message-ID: <225735BE378BA7489D57D942F109AF69836C61@va02.va.corp.xtria.com>
Thread-Topic: [users@httpd] Securing individual directories (SSL)
Thread-Index: AcSwgMu1USG6TXNRSTadSrpS5TyLbQAAEHcA
From: "Warron French" <wfrench@xtria.com>
To: <users@httpd.apache.org>
Subject: RE: [users@httpd] Securing individual directories (SSL)

Barry, I too am not fluent with Apache.  However, I know that you can =
run 2 Apache daemons at one time.

Perhaps use httpd with an httpd/httpd.conf for you "unsecure" sites, and =
use httpsd/httpsd.conf(sp?) with your httpsd.

Hope this helps.
Warron French


-----Original Message-----
From: Barry (@islandkey.com) [mailto:barry@islandkey.com]
Sent: Tuesday, October 12, 2004 1:24 PM
To: Apache Users
Subject: [users@httpd] Securing individual directories (SSL)


I'm attempting to setup secure https for JUST the documentroot of my
webserver so that the login process is done via https, and once logged =
in,
it switches back to http.

Currently, I have the entire server running strictly https via rewrite
conditions like the following:

RewriteEngine       on
RewriteCond %{SERVER_PORT}  !^443$
RewriteRule ^/(.*)          https://%{SERVER_NAME}/$1 [NC,R,L]

Here is how my current virtualhost setup is configured:

<VirtualHost _default_:443>
DocumentRoot "/var/www/html"
ServerName www.domain.com:443
ServerAdmin admin@domain.com
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/www.domain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www.domain.com.key
SSLCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
</VirtualHost>

<VirtualHost *:80 >
ServerAdmin admin@domain.com
ServerName www.domain.com
ServerAlias domain.com
DocumentRoot /var/www/html
RewriteEngine       on
RewriteCond %{SERVER_PORT}  !^443$
RewriteRule ^/(.*)          https://%{SERVER_NAME}/$1 [NC,R,L]
</VirtualHost>

So, what I'd like to do is setup https for only the var/www/html =
directory,
and any subdirectories will be http (eg. /var/www/html/products would be
http).

Can anyone give me some tips (or let me know if it's even possible) on =
what
I'd need to change in order to do this? I'm not terribly fluent with =
Apache,
but I understand the basics.

Thanks very much for your time,
TH


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server =
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org