Re: Rewrite Rules, SSL, and .htaccess

• Previous message: Jeremy Miller: "Re: Rewrite Rules, SSL, and .htaccess"
• Maybe in reply to: davec: "Rewrite Rules, SSL, and .htaccess"
• Next in thread: Wallwork, Nathan: "Re: Rewrite Rules, SSL, and .htaccess"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 25 Mar 2004 16:30:19 -0500
To: focus-linux@securityfocus.com

> Subject:
> Rewrite Rules, SSL, and .htaccess
> From:
> "davec" <davec@webpipe.net>
> Date:
> Wed, 24 Mar 2004 23:47:15 -0700
> To:
> focus-linux@securityfocus.com
>
> To:
> focus-linux@securityfocus.com
>
> Hi,
> I have a .htaccess file protecting a certain directory on my site. When
> I tried using the following Apache redirect, I was prompted for my
> password once on the http version, and once on the https version:
> <VirtualHost 192.168.3.7:80>
> Redirect / https://www.mydomain.com/
> </VirtualHost>
> The point of using SSL on the password protected directory is to protect
> the password from being passed in clear text. I think that a RewriteRule
> would probably do the trick, but after reading the apache documentation
> (version 2.0.40) I have still not been able to set one up that works
> properly for the various ways of accessing the site such as
> http://www.mydomain.com/dir or www.mydomain.com/dir or mydomain.com/dir
> or http://www.mydomain.com/dir/index.html etc.
> Any suggestions?
> Thanks,
> Dave

How about just trying this:

<VirtualHost 192.168.3.7:80>
RedirectMatch permanent .* https://www.mydomain.com$1
</VirtualHost>

-- 
Jeff Bollinger, CISSP
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff @unc dot edu

• Previous message: Jeremy Miller: "Re: Rewrite Rules, SSL, and .htaccess"
• Maybe in reply to: davec: "Rewrite Rules, SSL, and .htaccess"
• Next in thread: Wallwork, Nathan: "Re: Rewrite Rules, SSL, and .htaccess"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]