Re: Mod Rewrite assistance sought (hoped for :-)


 



Unfortunately, no (on the content root).  Basically, the "secure" (https) portion is a shared subdomain, hence the directory approach.
 
Think of the structure this way:
 
/var/www/site1
/var/www/site2
/var/www/siten
 ....
 
/var/www/secure/ ->site1
/var/www/secure/ ->site2
/var/www/secure/ ->siten
...
 
Where the "secure" subdomain has symbolic links to the content root of each web site (site1, site2... siten).
 
Therefore, each web site has access to a single secure server (low cost), but has the problem of URLs no longer being valid.
 
A "/foo/bar.html" in site1 has to translate to "/site1/foo/bar.html" while in the "secure" subdomain in order to render properly, and http://foo.site.com ends up having to translate to an appropriate URL also (though translating to a local reference is fine (and preferred anyways)).
 
The only guarantee that we have is that the URL called will absolutely begin with http://secure.site.com/site1/[...], for example...
 
My suspicion is that this is a lot easier than it seems on the surface.  :-)

\\ Robert J. Granvin                                             Webmaster
 \\ robert.granvin@xxxxxxxxxxxxxx                       Metro State University


>>> "Julius Thyssen" <jultus@xxxxxxxxx> 7/17/2007 10:21:03 am >>>
On 7/17/07, Robert Granvin <Robert.Granvin@xxxxxxxxxxxxxx> wrote:
> Standard web site is at "http://foo.site.com/..." while
> the secure URL is at "https://secure.site.com/foo/..."

So you can't use the same document root for both hosts?
If you need different content, except for some folders,
simply use the Alias directive in httpd.conf.

Alias /images "/var/www/foo/images"

or something.

> (Basically, make sure that local references such as "/images/blah.gif"
> become "/foo/images/blah.gif" and hard URLs embed the site reference into
> it... The user will connect to "https://secure.site.com/foo",
> but I need to extract the "foo" to use in the other URLs.)

I'd use a symbolic link for that. So, on the server, if it's linux/unix:

# ln -s /foo/images /images

or whatever you need for that. To use Rewrite for that is overkill.

If you would like httpS to 'appear' only for secure.site.com,
do something like this in httpd.conf:

NameVirtualHost *:80

<VirtualHost *:80>

ServerName site.com
DocumentRoot /var/www/site.com_doc-root
ServerAlias *.site.com
# this ^^ catches mistyped hostnames, like "ww.site.com"
# and "wwww.site.com", and limits traffic
# by having all calls go to one hostname..

RewriteEngine on
RewriteCond %{HTTP_HOST}  ^secure\.site\.com
RewriteRule ^/(.*)$     https://secure.site.com/$1 [R,L]
RewriteCond $1          =secure
RewriteRule ^/(.*)$     https://secure.site.com/ [R,L]
# this all forces the "secure.site.com" requests to go over SSL.
RewriteCond %{HTTP_HOST}  !^site.com(:80)?$
RewriteRule ^/(.*)        http://site.com/$1 [L,R]
RewriteOptions inherit

</VirtualHost>


and then this - for example - in ssl.conf:


<VirtualHost _default_:443>
DocumentRoot /var/www/secure.site.com_doc-root
ServerName secure.site.com:443

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
SSLCACertificatePath /etc/httpd/conf/ssl.crt
<Files ~ "\.(cgi|shtml|phtml|pl|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/secure.site.com_doc-root">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

--
# Julius B. Thyssen

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
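
The URL mapping described at the top of this message (site taken from the first path segment, root-relative references prefixed with it, the site's own absolute http:// URLs turned into local references so the https page does not pull content over plain http), sketched as an added example that is not part of the original thread. It assumes the site name is both the first path segment on secure.site.com and the left-most label of the public host (site1.site.com); the function names and sample HTML are constructed for illustration.

```python
import re

BASE_DOMAIN = "site.com"  # assumption: public hosts are <site>.site.com

# href/src/action attributes with a quoted value
_ATTR = re.compile(
    r'''(?P<attr>\b(?:href|src|action)\s*=\s*)(?P<q>["'])(?P<url>.*?)(?P=q)''',
    re.I)

def site_from_path(request_path):
    """Return 'site1' for '/site1/foo/bar.html', or None if there is no segment."""
    m = re.match(r"/([A-Za-z0-9_-]+)(?:/|$)", request_path)
    return m.group(1) if m else None

def map_url(url, site):
    """Map one reference found in a page of `site` to its secure-host form."""
    prefix = "/" + site
    # Absolute URL to this site's own public host -> local reference.
    # The pattern is anchored after the host so site1.site.com.evil.example
    # does not match.
    own = r"https?://%s\.%s(?::80)?(/.*)?$" % (re.escape(site),
                                               re.escape(BASE_DOMAIN))
    m = re.match(own, url, re.I)
    if m:
        return prefix + (m.group(1) or "/")
    # Root-relative reference (but not protocol-relative '//host/...').
    if url.startswith("/") and not url.startswith("//"):
        return prefix + url
    # Relative paths, other hosts, mailto: and so on are left alone.
    return url

def rewrite_html(html, request_path):
    """Rewrite references in unmodified site content; not idempotent, run once."""
    site = site_from_path(request_path)
    if site is None:
        return html
    return _ATTR.sub(
        lambda m: m.group("attr") + m.group("q")
        + map_url(m.group("url"), site) + m.group("q"),
        html)

# Constructed sample page fragment
SAMPLE = ('<a href="/foo/bar.html">x</a> '
          '<img src="http://site1.site.com/images/blah.gif"> '
          '<a href="http://other.example/">o</a> '
          '<script src="//cdn.example/x.js"></script> '
          '<a href="page2.html">r</a>')

if __name__ == "__main__":
    print(rewrite_html(SAMPLE, "/site1/index.html"))
```
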

