The redirect just permanently redirects
everything to use https.
IMO you should fix this part by excluding the subset you want.
I tried adding another VirtualHost for port
80, with a DocumentRoot pointed at my "freely-available"
subdirectory.
Not sure why you need another VirtualHost, but in any case you can
always configure it to make unnecessary inaccessible. Just check
Apache access controls for directories.
--
With Best Regards,
Marat Khalili
On 16/09/15 01:12, . wrote:
Hello,
I am a novice website admin, running Apache 2.4.7 on a Ubuntu box.
I want to be able to serve a subset of my website as http (port
80), even though the overall site is on https (port 443). I
managed to convert it all to https this summer by providing links
in /etc/apache2/sites-enabled/ to sites-available/default-ssl.conf
and sites-available/http-redirect.conf. The redirect just
permanently redirects everything to use https.
I tried adding another VirtualHost for port 80, with a
DocumentRoot pointed at my "freely-available" subdirectory. That
seemed to work, but the problem is that if somebody just browses
to that subdirectory, they get a directory listing that includes a
hyperlink to the parent directory. By clicking on that hyperlink,
they can escape into the rest of the website using http instead of
https.
I suspect there's a "proper" way to do this, but I don't know what
it is. Any help, or pointers, would be appreciated.
thanks,
-Bob Montante
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|
