[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: http and https



-------- Original Message  --------
Subject: http and https
From: edwardspl ita org mo
To: For users of Fedora <fedora-list redhat com>
Date: 09/21/2007 10:06 PM
edwardspl ita org mo wrote:
<snip>  
Hello Pual,

1, As the following is good for work also ?

Listen 80
Listen 443

NameVirtualHost *:80

<VirtualHost *:80>
    ServerAdmin you me domain com
    ServerName  www.domain.com
    ServerAlias www.domain.net
    ServerAlias www.domain.org
    ErrorLog  /var/log/httpd/www_error_log
    CustomLog /var/log/httpd/www_access_log combined
    Redirect permanent / https://www.domain.com/
</VirtualHost>

<VirtualHost *:443>
   DocumentRoot /my/doc-root/for/https/
   ServerName  www.domain.com
   ServerAlias www.domain.net
   ServerAlias www.domain.org
   ServerAdmin you me domain com
</VirtualHost>

2, What means by the permanent of redirect function ?

Thanks !

Edward.

  
Hello,

If there is only one IP address, then the config is okay ?

I am going to assume that both the secured and non-secured sites are on the same computer. The redirect can work even if the secured site is in a different server or even a different domain. It appears, however, from your questions that your two sites are on the same box.

1) Yes those port numbers are right. When a person types "http://" in their browser, they will connect on port 80 by default. When they type "https://" the browser knows to connect on port 443 by default.

2) Yes, the web server uses the "ServerName" and "ServerAlias" in the VirtualHost definitions to sort this out. In this example, when a person addresses your site as "http://www.domain.com" they will connect to your server on port 80. This is the default , not-secured web site. If a person does not specify a port and they use the "http" protocol they will always connect on port 80. When this happens the web server will see that there is a "Redirect" defined and will redirect the person to the address you supply. In this example to "https://www.domain.com"

This, in effect, gives your secured site two names so that a person can access it even if they do not know or forget to say "https://" instead of "http://"

Since the two sites (secured and not secured) are accessed on different ports (80 and 443) having the same IP address is OK.

Thanks !

Edward.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]