Question about Apache SSL and Rewrites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Question about Apache SSL and Rewrites
From: "Bryan Richardson" <btricha@xxxxxxxxx>
Date: Sun, 16 Dec 2007 10:17:08 -0700
Reply-to: users@xxxxxxxxxxxxxxxx

Hello all,

I've set up a Trac site on my server, and I'm trying to configure it such that when a user attempts to login, SSL is used. I *think* I've configured my rewrites correctly (see below), but after the login occurs the site is still using SSL. I only want to use SSL for the actual act of logging in, and nothing else. Can anyone help me with this? See my site configuration files below for what I have so far. Thanks!

P.S. Can anyone tell me what SSLRequireSSL does and if it's actually necessary?

#### Apache2 default site config file ####

<VirtualHost 127.0.0.1:80>
    ServerAdmin webmaster@localhost

    DocumentRoot /home/foo/public_html/

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>

    <Directory /home/foo/public_html/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all

        RewriteEngine On
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule trac/[^/]+/login$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
    </Directory>

    <Location /trac>
        SetHandler mod_python
        PythonHandler trac.web.modpython_frontend
        PythonOption TracEnvParentDir /home/foo/public_html/trac/
        PythonOption TracUriRoot /trac
    </Location>

    <Location /svn>
        DAV svn
        SVNParentPath /home/foo/svn/
        AuthType Basic
        AuthName "Subversion Repository"
        AuthUserFile /home/foo/.passwd
        AuthzSVNAccessFile /home/foo/.authz
        Require valid-user
    </Location>
</VirtualHost>

<VirtualHost 127.0.0.1:443>
    DocumentRoot /home/foo/public_html/

    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/selfsigned.pem
    SSLCertificateKeyFile /etc/apache2/ssl/selfsigned.pem

    <Location /trac>
       SSLRequireSSL On
    </Location>

    <Directory /trac>
      Options FollowSymLinks
      AllowOverride None
    </Directory>

    <Location /trac>
        SetHandler mod_python
        PythonHandler trac.web.modpython_frontend
        PythonOption TracEnvParentDir /home/foo/public_html/trac/
        PythonOption TracUriRoot /trac
    </Location>

    <LocationMatch "/trac/[^/]+/login">
        AuthType Basic
        AuthName "Trac"
        AuthUserFile /home/foo/.passwd
        Require valid-user
    </LocationMatch>

</VirtualHost>

Follow-Ups:
- Re: Question about Apache SSL and Rewrites
  - From: Joshua Slive

Prev by Date: Re: expat lib not found apache httpd 2.2.6
Next by Date: rotatelogs with error_log
Previous by thread: expat lib not found apache httpd 2.2.6
Next by thread: Re: Question about Apache SSL and Rewrites
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]