httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pol Hallen" <apach...@fuckaround.org>
Subject [users@httpd] https before auth
Date Wed, 10 Jul 2013 16:28:10 GMT
Hi all :-)

working on my last post I configured a https rewrite and auth basic:

default
[...]
<IfModule mod_rewrite.c>
<IfModule mod_ssl.c>
<Location /test>
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://example.org/test [L]
</Location>
</IfModule>
</IfModule>
[...]

default-ssl

[...]
<Directory "/var/www/test">
Options +SymLinksIfOwnerMatch +Multiviews +Indexes
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/etc/htpasswd/test"
Require valid-user
Order allow,deny
Allow from all
</Directory>
[...]

Now: when I do http://example.org/test, I see access form to
authentication before the rewrite to https (or no?) - because after login
I'm in https page.

Is my authentication encrypted, I think no... any idea?

Thanks for help!

Pol


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message