-------- Original Message --------|
Subject: http and https
From: edwardspl ita org mo
To: For users of Fedora <fedora-list redhat com>
Date: 09/21/2007 10:06 PM
edwardspl ita org mo wrote:Hello,<snip>Hello Pual, 1, As the following is good for work also ? Listen 80 Listen 443 NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin you me domain com ServerName www.domain.com ServerAlias www.domain.net ServerAlias www.domain.org ErrorLog /var/log/httpd/www_error_log CustomLog /var/log/httpd/www_access_log combined Redirect permanent / https://www.domain.com/ </VirtualHost> <VirtualHost *:443> DocumentRoot /my/doc-root/for/https/ ServerName www.domain.com ServerAlias www.domain.net ServerAlias www.domain.org ServerAdmin you me domain com </VirtualHost> 2, What means by the permanent of redirect function ? Thanks ! Edward.
I am going to assume that both the secured and non-secured sites are on the same computer. The redirect can work even if the secured site is in a different server or even a different domain. It appears, however, from your questions that your two sites are on the same box.
1) Yes those port numbers are right. When a person types "http://" in their browser, they will connect on port 80 by default. When they type "https://" the browser knows to connect on port 443 by default.
2) Yes, the web server uses the "ServerName" and "ServerAlias" in the VirtualHost definitions to sort this out. In this example, when a person addresses your site as "http://www.domain.com" they will connect to your server on port 80. This is the default , not-secured web site. If a person does not specify a port and they use the "http" protocol they will always connect on port 80. When this happens the web server will see that there is a "Redirect" defined and will redirect the person to the address you supply. In this example to "https://www.domain.com"
This, in effect, gives your secured site two names so that a person can access it even if they do not know or forget to say "https://" instead of "http://"
Since the two sites (secured and not secured) are accessed on different ports (80 and 443) having the same IP address is OK.
Description: S/MIME Cryptographic Signature