Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

difference between mod_ssl & mod_digest

Posted on 2002-04-27
7
Medium Priority
?
226 Views
Last Modified: 2012-05-04
if i want to build a "Secure Website",which module should i use, mod_ssl or mod_digest.

as i know,mod_ssl could providing SSL connection through web,but every client should visit it by "https://xxxxxx",
right? if i edit my index.html to REDIRECT the visitor fro
m "http://xxxxx.com" to "https://xxxxx.com",the client sid
e would auto change normal connection to SSL connection ?

And,mod_digest would only encrypt the "stream code" during
the authorization,after succeed,any HTTP request would sti
ll use Normal "clear text" code to communicate,right ?

please answer my questions,it's very important to me,thank
s a lot.
0
Comment
Question by:wingboad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6975365
https encryptes the complete stream
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 200 total points
ID: 6976534
mod_digest simply changes the encryption mode from Basic to Digest for the authorization dialog (where Basic is a weak encryption).
To use Digest authentification, you need to load the module, and then replace AuthType Basic by AuthType Digest in your .htaccess.
Keep in mind that not all browsers support Digest.
SSL is the more reliable and more secure way.
0
 

Author Comment

by:wingboad
ID: 6990747
but if i want our clients to use httpS,how could make them use it "tranparently" ? cause not all clients know to use
https://xxx.xxxx.com to visit those "secure pages".
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 6991612
assuming you administrate xxx.xxxx.com, either tell the web server to redirect any request to https, or place a index.html in corresponding directories which redirect
0
 

Author Comment

by:wingboad
ID: 6992576
so,after the redirection,all clients' requests would be
httpS automatically,right ?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6993057
if it is done by the server, yes
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9709163
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts awarded to ahoffman.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question