httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julius Thyssen" <jul...@gmail.com>
Subject Re: [users@httpd] Mod Rewrite assistance sought (hoped for :-)
Date Tue, 17 Jul 2007 15:21:03 GMT
On 7/17/07, Robert Granvin <Robert.Granvin@metrostate.edu> wrote:
> Standard web site is at "http://foo.site.com/..." while
> the secure URL is at "https://secure.site.com/foo/..."

So you can't use the same document root for both hosts?
If you need different content, except for some folders,
simply use the Alias directive in httpd.conf.

Alias /images "/var/www/foo/images"

or something.

> (Basically, make sure that local references such as "/images/blah.gif"
> become "/foo/images/blah.gif" and hard URLs embed the site reference into
> it... The user will connect to "https://secure.site.com/foo",
> but I need to extract the "foo" to use in the other URLs.)

I'd use a symbolic link for that. So, on the server, if it's linux/unix:

# ln -s /foo/images /images

or whatever you need for that. To use Rewrite for that is overkill.

If you would like httpS to 'appear' only for secure.site.com,
do something like this in httpd.conf:

NameVirtualHost *:80

<VirtualHost *:80>

ServerName site.com
DocumentRoot /var/www/site.com_doc-root
ServerAlias *.site.com
# this ^^ catches mistyped hostnames, like "ww.site.com"
# and "wwww.site.com", and limits traffic
# by having all calls go to one hostname..

RewriteEngine on
RewriteCond %{HTTP_HOST}  ^secure\.site\.com
RewriteRule ^/(.*)$     https://secure.site.com/$1 [R,L]
RewriteCond $1          =secure
RewriteRule ^/(.*)$     https://secure.site.com/ [R,L]
# this all forces the "secure.site.com" requests to go over SSL.
RewriteCond %{HTTP_HOST}  !^site.com(:80)?$
RewriteRule ^/(.*)        http://site.com/$1 [L,R]
RewriteOptions inherit

</VirtualHost>


and then this - for example - in ssl.conf:


<VirtualHost _default_:443>
DocumentRoot /var/www/secure.site.com_doc-root
ServerName secure.site.com:443

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
SSLCACertificatePath /etc/httpd/conf/ssl.crt
<Files ~ "\.(cgi|shtml|phtml|pl|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/secure.site.com_doc-root">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
 nokeepalive ssl-unclean-shutdown \
 downgrade-1.0 force-response-1.0
 CustomLog logs/ssl_request_log \
  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

-- 
# Julius B. Thyssen

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message