Hall of Fame

1. caterham...544,595
2. arober11160,055
3. fosiul01126,576
4. ahoffmann118,694
5. oklit102,247
6. routinet89,912
7. yfastud89,773
8. giltjr87,349
9. Ray_Pas...77,550
10. KeremE67,189
11. ravenpl66,666
12. mwecom...60,495
13. objects47,520
14. Kravimir36,650
15. Hube0231,952
16. edster9...26,132
17. flob924,980
18. cyberstalker24,030
19. cxr22,720
20. stephenh...22,530
21. gr8gonzo22,400
22. al3cs1221,975
23. bportlock21,375
24. jasonsbytes21,250
25. gheist19,514

1. caterham...1,485,670
2. ravenpl664,109
3. ahoffmann576,094
4. giltjr394,551
5. samri316,949
6. hernst42264,232
7. routinet214,123
8. ramazany...185,197
9. yuzh179,763
10. fosiul01162,706
11. arober11160,055
12. periwinkle159,257
13. Nopius144,189
14. sleep_fur...131,179
15. oklit119,007
16. HackneyCab110,498
17. Ray_Pas...105,064
18. BigRat104,171
19. rhickmott100,033
20. yfastud89,773
21. mwecom...87,420
22. Mercantilum75,775
23. julianmatz75,634
24. KeremE75,559
25. uetian170775,460

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.3

Redirect specific directory to HTTPS - Apache

Asked by verance in Apache Web Server, Secure Socket Layer (SSL) & HTTPS

Tags: redirect, apache, https, ssl

Setup:

Apache 2.28 with modules mod_ssl, openSSL built in during compile time.
Built following: http://www.securityfocus.com/infocus/1818

Project:

I have a directory within this http site that I would like to redirect to https for secure login.
I have written the page to ask for a username and password within two form entry fields.
My goal is to secure this portion of the site with SSL.

Presently I have built a Linux test box running Apache with NameVirtualHosts.

I have followed the below links to get me part of the way there.

http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_23284868.html
http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_20904478.html?sfQueryTermInfo=1+apach+directori+http+specif

The problem I am having is that SSL does not seem to be getting "switched on" when that directory is requested.

My Apache error log shows the error: Invalid method in request \x16\x03\x01 which tells me the SSL engine is not
powered up.

If I use the directive SSLengine on - then the entire site becomes locked down under https.

Presently for this test I am using a self-signed cert.

This is my present httpd.conf file

What am I missing within Apache's configuration to allow SSL to engage when that specific directory is accessed?

View the Solution FREE for 30 Days

         
           
             1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:

           
           
             # ================================================= 
# Basic settings 
# ================================================= 
Listen 0.0.0.0:80 
Listen 0.0.0.0:443
User ********* 
Group ********* 
ServerAdmin *********
UseCanonicalName Off 
ServerSignature Off 
ServerName test.mysite.com
HostnameLookups Off 
ServerTokens Prod
ServerRoot "/usr/local/apache2" 
DocumentRoot "/usr/local/apache2/htdocs" 
PidFile /usr/local/apache2/logs/httpd.pid 
ScoreBoardFile /usr/local/apache2/logs/httpd.scoreboard 
<IfModule mod_dir.c> 
    DirectoryIndex index.php index.html 
</IfModule> 
 
# ================================================= 
# HTTP and performance settings 
# ================================================= 
Timeout 300 
KeepAlive On 
MaxKeepAliveRequests 100 
KeepAliveTimeout 15 
<IfModule prefork.c> 
    MinSpareServers 5 
    MaxSpareServers 10 
    StartServers 5 
    MaxClients 150 
    MaxRequestsPerChild 0 
</IfModule> 
 
# ================================================= 
# Modules
# ================================================= 
LoadModule php5_module        modules/libphp5.so
 
# ================================================= 
# MIME encoding 
# ================================================= 
<IfModule mod_mime.c> 
    TypesConfig /usr/local/apache2/conf/mime.types 
</IfModule> 
DefaultType text/plain 
<IfModule mod_mime.c> 
    AddEncoding x-compress .Z 
    AddEncoding x-gzip .gz .tgz 
    AddType application/x-compress .Z 
    AddType application/x-gzip .gz .tgz 
    AddType application/x-tar .tgz 
    AddType application/x-httpd-php .php .phtml
</IfModule> 
 
 
# ================================================= 
# Logs 
# ================================================= 
LogLevel warn 
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined 
LogFormat "%h %l %u %t \"%r\" %>s %b" common 
LogFormat "%{Referer}i -> %U" referer 
LogFormat "%{User-agent}i" agent 
ErrorLog /usr/local/apache2/logs/error_log 
CustomLog /usr/local/apache2/logs/access_log combined 
 
# =================================================
# SSL Configuration
# =================================================
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
SSLMutex file:/usr/local/apache2/logs/ssl_mutex
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024
SSLSessionCache shm:/usr/local/apache2/logs/ssl_cache_shm
SSLSessionCacheTimeout 600
 
SSLCertificateFile /usr/local/apache2/conf/certs/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/certs/server.key
 
<IfModule mime.c>
    AddType application/x-x509-ca-cert      .crt
    AddType application/x-pkcs7-crl         .crl
</IfModule>
 
# ================================================= 
# Virtual hosts 
# ================================================= 
NameVirtualHost *:80
<VirtualHost *:80> 
    DocumentRoot "/usr/local/apache2/htdocs/test.mysite.com"
    ServerName "test.mysite.com" 
    ErrorLog logs/test.mysite.com/error_log 
    CustomLog logs/test.mysite.com/access_log combined
<Directory "/usr/local/apache2/htdocs/test.mysite.com/secure/admin">
        RewriteEngine   on
        RewriteCond     %{HTTPS} !=on
        RewriteRule     ^(.*)$ https://test.mysite.com/secure/admin/$1 [L,R]
</Directory>
</VirtualHost>
           
         

20091118-EE-VQP-93 / EE_QW_2_20070628

Redirect specific directory to HTTPS - Apache

Asked by verance in Apache Web Server, Secure Socket Layer (SSL) & HTTPS

Tags: redirect, apache, https, ssl

About this solution