httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tianyin Xu <t...@cs.ucsd.edu>
Subject [users@httpd] SSLRequireSSL doesn't work in <Directory> inside <VirtualHost>?
Date Fri, 06 Jan 2012 23:51:05 GMT
Hi, all,

I have some problem about the directive "SSLRequireSSL".

I setup my SSL for <VirtualHost _default_:443> and it works pretty well.
Then, I want to let Apache deny all the access when SSL is not used for the
HTTP request. In other words, I want to forbid access unless HTTP over SSL
(i.e. HTTPS) is used. According to the manual, I used the directive
"SSLRequireSSL" in the <Directory> block inside the default <VirtualHost>
block. My configuration is as follows:

------------------------------------------------------httpd-ssl.conf---------------------------------------------------
<VirtualHost _default_:443>

DocumentRoot "/home/tianyin/apache2.2.21-ssl/htdocs"
ServerName www.example.com:443
ServerAdmin you@example.com

SSLEngine on

SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/home/tianyin/apache2.2.21-ssl/conf/server.crt"
SSLCertificateKeyFile "/home/tianyin/apache2.2.21-ssl/conf/server.key"

<Directory "/home/tianyin/apache2.2.21-ssl/htdocs">
    SSLRequireSSL
</Directory>

</VirtualHost>
-----------------------------------------------------------------------------------------------------------------------------

But it seems that "SSLRequireSSL" has no effect at all. I can still access
the "DocumentRoot" using HTTP. But if I put the <Directory> block out of
the <VirtualHost> block to be a separate, independent block (not nested).
It actually works.

Could anyone tell me why?

Many thanks!!
Tianyin

Mime
View raw message