Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SSL and virtual hosts

Posted on 2004-09-13
2
Medium Priority
?
176 Views
Last Modified: 2010-07-27
We have a server running Apache that is home to about a dozen sites. All of the sites are configured to use the same IP via name-based hosting (NameVirtualHost) in the httpd.conf file.

Recently, one of the sites wanted to accept credit cards online. I purchased and installed a server certificate for the domain and modified httpd.conf to add a <virtualhost> entry for the domain under the "Listen 443" directive. I can now access the site via HTTPS, but I can also access it via HTTP, which kinda negates the whole reason for enabling SSL.

I now realize that maybe I should set up a subdomain (e.g. secure.domain.com) to handle HTTPS requests only. What's the best way to do it? I already have an unused IP address I can dedicate to the subdomain, but I'm not sure a) how to configure the DNS table and b) how to configure httpd.conf so that it associates the existing (shared) IP with HTTP requests on the domain and associates the new (dedicated) IP address with HTTPS requests on the domain.

Cheers,

-db
0
Comment
Question by:dbinteractive
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:dbinteractive
ID: 12049648
In order to conserve IP addresses, I think I can continue to operate the site as I have been, but add PHP to the pages that should be accessed only via HTTPS to check the request method. If the browser isn't requesting the page via HTTPS, then I can redirect to the same page with HTTPS.

Is that "cheating" or an efficient use of IPs?

-db
0
 
LVL 15

Accepted Solution

by:
periwinkle earned 375 total points
ID: 12050802
You should use a unique IP address for each domain which will be used for SSL requests.

As far as being able to access a site by either http://www.somedomain.com or https://www.somedomain.com, you could add a Redirect or rewrite rule to prevent the access from the non-secure version.  On the other hand, SSL does add overhead to the server, and not all requests will need to be secured.  Usually, the parts that do are handled by a web application (PHP, Perl/CGI, etc.).  There, you can check to see if the page is being accessed securely and handle (and/or Redirect appropriately).
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses
Course of the Month10 days, 12 hours left to enroll

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question