Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 23718 invoked from network); 14 Apr 2006 13:45:13 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 14 Apr 2006 13:45:13 -0000 Received: (qmail 4447 invoked by uid 500); 14 Apr 2006 13:44:56 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 4293 invoked by uid 500); 14 Apr 2006 13:44:55 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 4281 invoked by uid 99); 14 Apr 2006 13:44:55 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Apr 2006 06:44:55 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of romeotheriault@gmail.com designates 64.233.162.192 as permitted sender) Received: from [64.233.162.192] (HELO nz-out-0102.google.com) (64.233.162.192) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Apr 2006 06:44:54 -0700 Received: by nz-out-0102.google.com with SMTP id i11so105034nzh for ; Fri, 14 Apr 2006 06:44:33 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:mime-version:to:message-id:content-type:from:subject:date:x-mailer; b=eFOE4QD3tpAOdNGaJD+hfZTwWWojFInFN8Ps/wY9d8TKmyxq8fB6o7nIzcXK92TC9T444XS0n725nj6Z+OonWhXLn0EYnbEm4LG3rDoerd+bFe81uH37eMSUZS8S9iX08XuduE3gBmtdZCsNzaw20KjdygpnSdONk4c3hk0l6TQ= Received: by 10.36.74.19 with SMTP id w19mr2169046nza; Fri, 14 Apr 2006 06:44:32 -0700 (PDT) Received: from ?130.111.68.145? ( [130.111.68.145]) by mx.gmail.com with ESMTP id 36sm657430nzk.2006.04.14.06.44.32; Fri, 14 Apr 2006 06:44:32 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v749.3) To: users@httpd.apache.org Message-Id: Content-Type: multipart/alternative; boundary=Apple-Mail-2--788636246 From: Romeo Theriault Date: Fri, 14 Apr 2006 09:44:48 -0400 X-Mailer: Apple Mail (2.749.3) X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] How to SSL protect certain directories X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N --Apple-Mail-2--788636246 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed I have an apache website that I need some directories protected by ssl. So I got the certificate etc... Now I have two virtual hosts, one that is the unsecure and one that is the secure. There are only a few directories that I need secured by ssl. for example: http://www.some.domain.name.com/distance/register/ http://www.some.domain.name.com/registrar/request/ So to get those directories secured I put this mod_rewrite code into the unsecure httpd.conf file. RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^register/(.*) https:// www.some.domain.com/distance/register/$1 [C] RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^request/(.*) https:// www.some.domain.com/registrar/request/$1 [C] This works great. The problem is that once people have viewed those pages that are in those secure directories the rest of the pages they view on the site are on the secure site. I would like to have a rewriterule in the secure virtual host to check if they are not in one of those directories and redirect them back to the unsecure site. I've been banging my head trying to get this and I can't figure it out. (I'm new to regular expressions and mod_rewrite). I keep getting redirected back and forth until the browser tells me "Too many redirects." or some such error. Here's what I have so far for the secure virtual host, but again, it doesn't seem to work. RewriteEngine On RewriteRule !^register(.*) - [C] RewriteRule ^/(.*) http://www.some.domain.com/$1 [L] RewriteRule !^registrar/request/(.*) - [C] RewriteRule ^/(.*) http://www.some.domain.com/$1 [L] Could someone tell me what I'm doing wrong? Do I need to put the secure rewrite rules in a structure. Thank you. --Apple-Mail-2--788636246 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=ISO-8859-1
I = have an apache website=A0that I need some = directories protected by ssl. So I got the = certificate etc... Now I have two virtual hosts, = one that is the unsecure and one that is the secure. There are only a = few directories that I need secured = by ssl.=A0

for example:



=A0 =A0 =A0 =A0 = </Directory>

=A0 =A0 =A0 =A0 <Directory = /var/www/www/registrar >
=A0= =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 RewriteEngine = On
=A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 RewriteBase /
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= RewriteCond %{REQUEST_FILENAME} -f [OR]
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= RewriteCond %{REQUEST_FILENAME} -d
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= RewriteRule ^request/(.*) https://www.some.domain.com/registrar/request/$1= =A0[C]
=A0 =A0 = =A0</Directory>


This works great.

The problem is that once people have viewed = those pages that are in those secure directories the rest of the pages = they view on the site are on the secure site. I would like to have a = rewriterule in the secure virtual host to check if they are not in one = of those directories and redirect them back to the unsecure = site.

I've been banging my head trying to get this and I can't figure = it out. (I'm new to regular expressions and mod_rewrite). I keep getting = redirected back and forth until the browser tells me "Too many = redirects." or some such error.

Here's what I have so far for the secure virtual host, but again, = it doesn't seem to work.

RewriteEngine On
RewriteRule !^register(.*) - = [C]
RewriteRule ^/(.*) = http://www.some.domain.com/$1=A0[L]
RewriteRule !^registrar/request/(.*) - = [C]
RewriteRule ^/(.*) = http://www.some.domain.com/$1=A0[L]


Could someone tell me what I'm doing = wrong?

Do I need to put the secure rewrite rules in a <Directory> = structure.

Thank you.
= --Apple-Mail-2--788636246--