httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bobby Jack <bobbykj...@yahoo.co.uk>
Subject [users@httpd] Using RewriteRule for secure requests
Date Mon, 28 Jul 2008 14:29:46 GMT
Hi all,

This IS an apache-related question, even if it might not sound like it at first, so please
bear with me :)

I'm maintaining a site whose http/https configuration is all muddled up, partly because of
the (lack of) facilities available in the CMS used to deliver it. However, I'm considering
an apache-based solution which might solve things, and I'd like some feedback.

The main problems revolve around the two following requirements (which are global to any properly
built site using https):

1. Links (whether resident on an http or https delivered page) should begin "http://..." or
"https://", as appropriate - i.e. dependent on which 'set' the target page belongs to. As
far as I can think, those two sets are completely distinct, so this should not be a significant
problem to resolve.

2. Certain resources (e.g. images, css, etc.) need to be requested via "http://..." OR "https://..."
dependant on how the requesting page has been delivered.

So, assuming I can solve problem 1 within the confines of the CMS, I'm thinking problem 2
can be resolved using RewriteRule with an appropriate condition on HTTP_REFERER. My one slight
concern is the performance hit, although I'm guessing this should be minuscule, especially
in relation to the hit of using https in the first place.

Any thoughts?

Many thanks,

- Bobby


      

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message