Secure Server

Hi,

I am trying to configure Apache so that it only connects to a secure connection i.e. https:// when I browse to a certain page, i.e. login page. Does anyone know how to do this? I have configured Apache to run on a secure port.

thanks,
jlar

A rewrite rule will do what you want. Here’s one I used for a site. Don’t ask me to explain it off the top of my head, mod_rewrite is powerful but black magic. Something I’ve been meaning to delve more into but need a project to do it for.

        RewriteEngine on
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

Here’s a tute for mod_rewrite. [(http://httpd.apache.org/docs/2.0/misc/rewriteguide.html) but you should be able to find more friendly tutes on the web.]((http://httpd.apache.org/docs/2.0/misc/rewriteguide.html) but you should be able to find more friendly tutes on the web.)

Hi Ken_yap,

You always reply to my posts… thanks yet again.

I will give that a try

jlar

Hi,

Not sure if I am going about this the right way…

I want to redirect all requests to

http://localhost/account 

to

http**s**://localhost/account

Do I put the .htaccess in the /account folder? I put this into http://localhost/account

        RewriteEngine on
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

I already have a .htaccess file in the document root which routes all requests through index.php:

RewriteEngine on
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1

Also I don’t know whether to be on port 80 or 443. I put both into my vhosts file:

<VirtualHost *:80>

ServerName apollo
DocumentRoot /var/www/phpweb20/htdocs

<Directory /var/www/phpweb20/htdocs>
	AllowOverride All
	Options All
</Directory>

</VirtualHost>

<VirtualHost *:443>

ServerName apollo
DocumentRoot /var/www/phpweb20/htdocs

<Directory /var/www/phpweb20/htdocs>
	AllowOverride All
	Options All
</Directory>

SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!eNULL

SSLCertificateFile /etc/apache2/ssl/server.pem
SSLCertificateKeyFile /etc/apache2/ssl/serverkey.pem
SSLCACertificateFile /etc/apache2/ssl/cacert.pem

SSLVerifyClient require
SSLVerifyDepth 1

SSLOptions +StrictRequire +StdEnvVars

<Directory /var/www/phpweb20/htdocs/account>
	SSLRequireSSL
	SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS"
	SSLRequire %{SSL_CLIENT_S_DN_O} eq "Secure Space"
	SSLRequire %{SSL_CLIENT_S_DN_OU} eq "Administration"
</Directory>

Alias /phpMyAdmin "/srv/www/oci/htdocs/phpMyAdmin"

<Directory /srv/www/oci/htdocs/phpMyAdmin>
        # Restrict phpmyadmin access to just my worksation
        Options All
        Deny from none
       Allow from localhost
</Directory>

</VirtualHost>

Yeah, combine those rewrite rules with the set already there, but you have to be careful of the order in which they are executed, so read up on what those flags (e.g. [L,R]) mean.

You’ll need sections for both port 80 and port 443.