|
I have an 2.2 apache server with just 2 virtual servers, one for http and
one for https. The document root for the 2 is the same. I now need to
force users to use https for some parts of the site/tree as these will use auth directives in .htaccess files. However, I cannot
figure out how to do this. The pages in question need to be protected by an auth directive which I presume needs to be in the .htaccess of the directory holding the pages. I have tried various combinations of the below but have not found a combination that will apply redirection (to the https version) only to http requests and authorisation only to https requests. I either get a redirection loop of authentication being applied to the http request then redirecting to https and requesting authentication again. I have tried various combinations of the following: redirects (which do not work as the 1st argument is the same for both http and https - ends up looping) rewrites (which force on to https but before they are applied the .htaccess processing of the auth diretives cuts in and wants to collect user and password information over http) Googleing does not help. Can anyone suggest any routes to solve the problem Regards Sat |
|