Re: https before auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I'm not sure but add:

SSLOptions +StrictRequire
SSLRequireSSL

seems resolve the problem

Is it correct?

thanks!

> Hi all :-)
>
> working on my last post I configured a https rewrite and auth basic:
>
> default
> [...]
> <IfModule mod_rewrite.c>
> <IfModule mod_ssl.c>
> <Location /test>
> RewriteEngine on
> RewriteCond %{HTTPS} !^on$ [NC]
> RewriteRule . https://example.org/test [L]
> </Location>
> </IfModule>
> </IfModule>
> [...]
>
> default-ssl
>
> [...]
> <Directory "/var/www/test">
> Options +SymLinksIfOwnerMatch +Multiviews +Indexes
> AuthType Basic
> AuthName "Authentication Required"
> AuthUserFile "/etc/htpasswd/test"
> Require valid-user
> Order allow,deny
> Allow from all
> </Directory>
> [...]
>
> Now: when I do http://example.org/test, I see access form to
> authentication before the rewrite to https (or no?) - because after login
> I'm in https page.
>
> Is my authentication encrypted, I think no... any idea?
>
> Thanks for help!
>
> Pol
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux