use ssl only on certain directories

Romeo Theriault romeotheriault at gmail.com
Thu Apr 13 00:27:55 UTC 2006 

Thank you everyone that responded. What you all wrote gave me some
ideas and a little more clues of  what I needed to look for on google.
I've finally come up with a solution that I feel fits my needs well.
I'm pretty much following the que of this webpage on wordpress.

http://codex.wordpress.org/Administration_Over_SSL

In short, you have two virtual hosts, one unsecure and the other
secure. They have the same document roots and are pretty much the same
site except for the obvious difference that one is secure and one is
not. Then in the insecure site put some rewrite rules like this:

RewriteRule ^wp-admin/(.*) https://www.mysite.com/wp-admin/$1 [C]

that will redirect users that try to access a certain directory to the
https version of the directory. And on the https side of things have
some rewrite rules like this:

RewriteRule !^/wp-admin/(.*) - [C]
RewriteRule ^/(.*) http://www.mysite.com/$1 [QSA,L]

that will redirect people back to the unsecure site unless they have
chosen one of the directories specified.

Romeo

On 4/12/06, Russell Harrison <rtlm10 at gmail.com> wrote:
> Well you are setting up different virtual hosts, but they can share a
> hostname.  They'll just be listening on different ports.  http on 80 and
> https on 443.
>
> On 4/12/06, Romeo Theriault <romeotheriault at gmail.com> wrote:
> >
> > But do I need to setup a completely different virtual host for every
> > set of directories that I want to secure with ssl.
> > If yes, then do the virtual hosts  need to all have different names?
> >
> > I would like to have one virtual host (eg. www.example.com) and
> > specify within that Virtual Host section that I want directory
> > "forms" and directory "apply" secured with ssl.
> >
> > Romeo
> >
> > On Apr 12, 2006, at 2:38 PM, Kishore Jalleda wrote:
> >
> > > In the SSL virtual host section just psecify the "DocumentRoot"
> > > directive on
> > > the directory out out of which you will be serving your files via
> > > ssl, like
> > > this
> > >
> > > <VirtualHost xxx.xxx.xx.x:443>
> > > DocumentRoot "/htdocs/ssl"
> > > .......
> > > .....
> > > .....
> > >
> > > </VirtualHost>
> > >
> > > So now you can access your files in the directory /htdocs/ssl via
> > > SSL, since
> > > you have specifically enabled ssl on that directory..., rest of the
> > > virtual
> > > hosts would function as normal.
> > >
> > > Hope this helps
> > >
> > > Kishore Jalleda
> > >
> > >
> > > On 4/12/06, Romeo Theriault <romeotheriault at gmail.com> wrote:
> > >>
> > >> It is, but within that virtual host, I need to specify only certain
> > >> directories. I may be misunderstanding you though. Would you
> > >> elaborate?
> > >>
> > >> Thanks,
> > >> Romeo
> > >> On Apr 12, 2006, at 2:11 PM, Kishore Jalleda wrote:
> > >>
> > >>> define your ssl configuration in the virtual host section of
> > >>> httpd.conf
> > >>>
> > >>> Kishore Jalleda
> > >>>
> > >>>
> > >>> On 4/12/06, Romeo Theriault <romeotheriault at gmail.com> wrote:
> > >>>>
> > >>>> Hi, We have a Red Hat AS 4.3 machine that we are running Apache
> > >>>> on. I
> > >>>> know how to setup mod_ssl and create a certificate to run the
> > >>>> website
> > >>>> with ssl encryption. But we don't want the whole site to have ssl,
> > >>>> only certain directories. How do I edit the httpd.conf file so only
> > >>>> certain directories are using ssl.
> > >>>>
> > >>>> Thank you
> > >>>>
> > >>>> Romeo Theriault
> > >>>>
> > >>>> --
> > >>>> redhat-list mailing list
> > >>>> unsubscribe mailto:redhat-list-request at redhat.com?
> > >>>> subject=unsubscribe
> > >>>> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>>>
> > >>> --
> > >>> redhat-list mailing list
> > >>> unsubscribe mailto:redhat-list-request at redhat.com?
> > >>> subject=unsubscribe
> > >>> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>
> > >> --
> > >> redhat-list mailing list
> > >> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > >> https://www.redhat.com/mailman/listinfo/redhat-list
> > >>
> > > --
> > > redhat-list mailing list
> > > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subjectunsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list