Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 421
  • Last Modified:

SSL protection for a Directory on the Web server

Let's say that my web site doesn't really require SSL support as a whole, but just the apps and data that run in just a single secure directory on my web server.  Is it possible to somehow setup the SSL to protect only that single directory's contents.  How would I set that up? How would I link to the apps and documents stored there? My web site calls the contents of the secure directory using relative links now.  Would I have to change that to some HTTPS address?

Appreciate any and all help.

Thanks,

Tony
0
tony_trotter
Asked:
tony_trotter
2 Solutions
 
bdetcheveryCommented:
What webserver are u using, IIS? Apache?

It's pretty easy to setup SSL on only a specific directory, but in IIS you have to define the certificate for the entire site. Then on the subdirectory only you check the box "require ssl".  Other directories do not have the "require ssl" option checked.
This option can be found by right clicking on the subdirectory you want choose properties, then choose directory security at the bottom is Certificates, click the edit button and check the box require SSL

Under Apache, just put the SSLEngine and Certificate directives inside the <Directory> attributes as needed.

Links to the secured directory need to be prefexed with https://yoursite/yourdirectory/yourfile, etc.

If you are serving these pages to users from behind a firewall, make sure they can access port 443 as this is the default port used for http(s) connections

Hope this helps



0
 
ahoffmannCommented:
simply use https:// instead of http:// in all your references
the pages found in the SSL protected area should only use relative URLs (except those pointing outside that SSL area)
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now