I have several virtual hosts currently configured in my Apache set up. I've switched one of them to IP based virtual hosting to prepare it for SSL. My question is how do you secure only specific subdirectories, rather than the entire domain?
To get it to even work I had to specify the virtual host to listen on port 443, so anything on port 80 now doesnt work (obviously). Is there a way to specify only particular directories to be secured rather than the entire domain, or would I set up two separate virtual hosts for the same domain and have one listen to port 443 (for https) routing traffic to it's own document root, while configuring the second to listen to port 80 (for http) and route all those requests to a different document root? (Somehow, this seems like a rig) Does anyone know how to do this?
Here's what the virtual host part of my httpd.conf file looks like for the virtual host in question: (I changed my domain name to "domain_to_secure" for security reasons)
ScriptAlias /cgi-bin/ /home/www1/domain_to_secur
Options ExecCGI FollowSymLinks Includes Indexes