Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id AB290200D33 for ; Wed, 25 Oct 2017 07:36:25 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id A6F03160BF1; Wed, 25 Oct 2017 05:36:25 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 7914E1609C8 for ; Wed, 25 Oct 2017 07:36:24 +0200 (CEST) Received: (qmail 4429 invoked by uid 500); 25 Oct 2017 05:36:22 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 4419 invoked by uid 99); 25 Oct 2017 05:36:22 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 25 Oct 2017 05:36:22 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id EB96A180725 for ; Wed, 25 Oct 2017 05:36:21 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.88 X-Spam-Level: * X-Spam-Status: No, score=1.88 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, KAM_SHORT=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd3-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=eroi.com Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id yLDi8BW7oII1 for ; Wed, 25 Oct 2017 05:36:19 +0000 (UTC) Received: from mail-pg0-f41.google.com (mail-pg0-f41.google.com [74.125.83.41]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id A0D745FB52 for ; Wed, 25 Oct 2017 05:36:18 +0000 (UTC) Received: by mail-pg0-f41.google.com with SMTP id 15so11757313pgc.12 for ; Tue, 24 Oct 2017 22:36:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eroi.com; s=google; h=from:mime-version:subject:date:references:to:in-reply-to:message-id; bh=EipdKeId6ikWwVwyZXFhkf5FcDQf5NytMY5XOzb34aA=; b=BY4B0asgSZIjtDspyXSOoyrLtvIAz8B5+LmavGxFsunstcRnOw+5pgcP2Ldxe/Sj02 9N/y37xknMoXOTn8y1gpVic3n7scW6Kn5bWthZcko1FBluJaMGFpWg1TaTAXBf5Gp9wb HmJ9pr5NN+UJTan6TinYQgW+K1pJaYkMCCmCA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:references:to :in-reply-to:message-id; bh=EipdKeId6ikWwVwyZXFhkf5FcDQf5NytMY5XOzb34aA=; b=O9fKk5YFzSnagpYz2aFjdJ/EzHfhDv4aPNZ3SYenoXi9DqTQCSoxAOmyRBU1wCTtVB iKMIGfU1phXGul8bVR/xBRSofEQ8qdsMwXxoVK3agIaKP1E+JtMZQhFwSU7glV9++JhY gFZ6nV83vqyyvloslp/7eoUrIRxPbQdDwdliaeTgvvG7BnloAG+GQtN3mKkuaZgSRr5H 1L93/acGpTBDN2ilCMhpdYp2T1cyzYXgoiG10OERMkjVIgMyki/8mnhEWJs+cci3SYaE kLp88a7l0+kepdpxXim7+z5l5YgwKHrSOYiTZoQMLx9nUwwKtZz0LbX6b6F3HxzB/wwC QNDw== X-Gm-Message-State: AMCzsaXwxsqYkXA8Q6QxGFQvjBDiO1eUmO/tYSNJ7S/tMuyVa37zPi3q 7hvRgIrI1LudnjOBphGyIEVKrW9SdoY= X-Google-Smtp-Source: ABhQp+SkPM01kPnS6ruyykeDc2Do6QjZOwQzK/zXJ4A6ibY6MDrpuHId9C8d2UXNwn0Q29WG3kjcMw== X-Received: by 10.98.43.205 with SMTP id r196mr1108609pfr.14.1508909776611; Tue, 24 Oct 2017 22:36:16 -0700 (PDT) Received: from ?IPv6:2601:1c0:4f00:a60:e133:142d:4991:c7d0? ([2601:1c0:4f00:a60:e133:142d:4991:c7d0]) by smtp.gmail.com with ESMTPSA id z86sm3101684pfk.34.2017.10.24.22.36.15 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 24 Oct 2017 22:36:15 -0700 (PDT) From: Jason Brooks Content-Type: multipart/alternative; boundary="Apple-Mail=_02AA0462-1E54-40E2-80C5-75F98994C2A9" Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Date: Tue, 24 Oct 2017 22:36:14 -0700 References: <12E005FE-75DC-4374-A033-A3C36D1B6EDE@eroi.com> <5032A7591CD3A342977F866638A087FFDE585F@MAILSVR.miclub.local> To: users@httpd.apache.org In-Reply-To: <5032A7591CD3A342977F866638A087FFDE585F@MAILSVR.miclub.local> Message-Id: <9B51D573-A2BA-46CF-9A82-20E0C1A1C6E9@eroi.com> X-Mailer: Apple Mail (2.3273) Subject: Re: [users@httpd] How can I detect if SSLEngine is ON? archived-at: Wed, 25 Oct 2017 05:36:25 -0000 --Apple-Mail=_02AA0462-1E54-40E2-80C5-75F98994C2A9 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hello Daniel, Thank you for your reply:=20 What I need is for the apache configuration to know, not just me. So = for instance:=20 I can detect if mod_info is loaded with "=E2=80=9D or if mod_ssl is loaded with "=E2=80=9D. But, I don=E2=80=99t just need to know if a module is available: once = the module is loaded, its available for all virtualhosts. I need to = know if the SSLEngine has been enabled within a virtualhost so I can do = something like the following: Header always set Strict-Transport-Security "max-age=3D63072000; = includeSubDomains; preload" Header always set X-Content-Type-Options nosniff Header always append X-Frame-Options SAMEORIGIN Thanks! Jason Brooks Systems Administrator eROI Performance is Art. =20 m: 505 nw couch #300 w: eroi.com t: 503.290.3105 f: 503.228.4249 fb: fb.com/eROI > On Oct 24, 2017, at 9:47 PM, Daniel Mailing = wrote: >=20 > From: Jason Brooks [mailto:jason.brooks@eroi.com = ]=20 > Sent: Wednesday, 25 October 2017 12:13 PM > To: users@httpd.apache.org > Subject: [users@httpd] How can I detect if SSLEngine is ON? > >=20 > >Hello, > >=20 > >I am using virtualmin to run my site, and there is no method to set = an apache template separately for an ssl site. that i am aware of. I = am asking them this right now. > >=20 > >Independently, my question to this list is =E2=80=9Cin the apache = configuration, how do I tell if SSLEngine is set to ON=E2=80=9D. I know = how to determine if mod_ssl is loaded: that is not what I want here: I = want to detect if the ssl-engine has been turned on in a particular = virtual host. > =20 > If you have shell access to the server try using grep. > grep -r SSLEngine /etc/httpd/ > =20 > >If I can detect this in the apache configuration, I can enable = configuration lines that otherwise wouldn=E2=80=99t make sense. > >=20 > >Thank you for your time! > >=20 > >=E2=80=94jason > > --Apple-Mail=_02AA0462-1E54-40E2-80C5-75F98994C2A9 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Hello Daniel,

Thank you for your reply: 

What I need is for the apache = configuration to know, not just me.  So for = instance: 

I can detect if mod_info is loaded with "<IfModule = mod_info.c>=E2=80=9D

or if mod_ssl is loaded with "<IfModule = mod_ssl.c>=E2=80=9D.

But, I don=E2=80=99t just need to know if a module is = available: once the module is loaded, its available for all = virtualhosts.  I need to know if the SSLEngine has been enabled = within a virtualhost so I can do something like the following:

 <ssl-engine is = on>
Header always set = Strict-Transport-Security "max-age=3D63072000; includeSubDomains; = preload"
Header always set = X-Content-Type-Options nosniff
Header = always append X-Frame-Options SAMEORIGIN

</ssl-engine is on>

Thanks!

Jason BrooksSystems Administrator
eROIPerformance is Art.
 
m:505 nw couch #300w:eroi.com
t:503.290.3105f:503.228.4249


fb:fb.com/eROI








On Oct 24, 2017, at 9:47 PM, Daniel Mailing <daniel-mailing@miclub.com.au> wrote:

From: Jason Brooks [mailto:jason.brooks@eroi.com] 
Sent: Wednesday, 25 October 2017 = 12:13 PM
To: users@httpd.apache.org
Subject: [users@httpd] How can I = detect if SSLEngine is ON?
> 
>Hello,
> 
>I am using virtualmin to run my site, and there is = no method to set an apache template separately for an ssl site. =  that i am aware of.  I am asking them this right now.
> 
>Independently, my question to = this list is =E2=80=9Cin the apache configuration, how do I tell if = SSLEngine is set to ON=E2=80=9D.  I know how to determine if = mod_ssl is loaded: that is not what I want here: I want to detect if the = ssl-engine has been turned on in a particular virtual host.
 
If you have shell access to the server try using grep.
grep = -r SSLEngine /etc/httpd/
 
>If I can detect this in the apache configuration, = I can enable configuration lines that otherwise wouldn=E2=80=99t make = sense.
> 
>Thank you for your time!
> 
>=E2=80=94jason
>
= --Apple-Mail=_02AA0462-1E54-40E2-80C5-75F98994C2A9--