Rewrite Rules, SSL, and .htaccess

From: davec (davec_at_webpipe.net)
Date: 03/25/04

  • Next message: Peter H. Lemieux: "Re: Rewrite Rules, SSL, and .htaccess"
    To: focus-linux@securityfocus.com
    Date: Wed, 24 Mar 2004 23:47:15 -0700
    
    

    Hi,

    I have a .htaccess file protecting a certain directory on my site. When I
    tried using the following Apache redirect, I was prompted for my password
    once on the http version, and once on the https version:

    <VirtualHost 192.168.3.7:80>
    Redirect / https://www.mydomain.com/
    </VirtualHost>

    The point of using SSL on the password protected directory is to protect the
    password from being passed in clear text. I think that a RewriteRule would
    probably do the trick, but after reading the apache documentation (version
    2.0.40) I have still not been able to set one up that works properly for the
    various ways of accessing the site such as
    http://www.mydomain.com/dir or www.mydomain.com/dir or mydomain.com/dir
    or http://www.mydomain.com/dir/index.html etc.

    Any suggestions?

    Thanks,

    Dave


  • Next message: Peter H. Lemieux: "Re: Rewrite Rules, SSL, and .htaccess"

    Relevant Pages