Topic: moodle contrib - possible to force ssl mode?

[smiit]

I'm wondering if there's a quick fragment or db setting that will allow full-time forced SSL mode for the moodle contrib.

I'd like it to operate securely as https:// like the egroupware contrib.

I've tried a few quick hacks like adding SSLRequireSSL to httpd.conf but doesn't seem to work.

The webmail https redirect looks more complicated so I haven't gone down that road.

Anyone else have success with this?

Thanks!

[cactus]

I'm wondering if there's a quick fragment or db setting that will allow full-time forced SSL mode for the moodle contrib.

I'd like it to operate securely as https:// like the egroupware contrib.

I've tried a few quick hacks like adding SSLRequireSSL to httpd.conf but doesn't seem to work.

The webmail https redirect looks more complicated so I haven't gone down that road.

Anyone else have success with this?

Thanks!

As the SSLRequireSSL directive does not work, my guess is that the only possible option is the redirect method used for webmail and server-manager. It is not that hard as you think.

The left part of the line is (a regular expression match) for the text the user entered in the address bar which is translated to the right part, which is the same address with a https directive instead of a http directive, you will probably just jhave to replace the webmail part with the ibay or location in which you installed your moodle installation and put it in the correct location in the template tree, re-expand the template and restart your webserver.

[wjhobbs]

I'm wondering if there's a quick fragment or db setting that will allow full-time forced SSL mode for the moodle contrib.

I'd like it to operate securely as https:// like the egroupware contrib.

I did the following for forcing https: access to my LedgerSMB application. You might be able to modify it to suit your purpose...

======
Ensure Encrypted Access to LedgerSMB
In this step, set up a rewrite rule to change all ‘http://’ requests to ‘https://’ for all cases where ledgers.mydomain.ca is the virtual domain so that communication with LedgerSMB over the Internet is encrypted.

# mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts

# pico 60WebRedirect

Code: [Select]

{
  if ($virtualHost eq "ledgers.mydomain.ca" and $port ne "443")
  {
    $OUT = "";
    $OUT .= "# \n"
          . "#   RewriteRule directive for LedgerSMB - force https: \n"
          . "# \n"
          . "    RewriteEngine on \n"
          . '    RewriteRule ^/(.*)$ https://ledgers.mydomain.ca/$1 [R,L] \n';
  }
  else
  {
    ' ';
  }
}


Expand the template and to create a new Apache configuration file (httpd.conf)
# /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf

Restart the Apache web server
# /etc/rc7.d/S86httpd-e-smith restart
======

Hope this helps.

John

[stephen noble]

please modify the moodle fragment and post as a moodle nfr on bugzilla

[smiit]

please modify the moodle fragment and post as a moodle nfr on bugzilla

Do you mean directly modify one of the installed dungog moodle fragments?  I see three:

In /etc/e-smith/templates/etc/httpd/conf/httpd.conf there are these two:

80OptDomainMoodle
92moodle

and in /etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts there is:

30MoodleAlias

Are you saying I could paste John's code into one of these three and then re-expand the httpd.conf template?

Thanks

[stephen noble]

suck it and see
at least /etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts
/30MoodleAlias

note. I had problems which is why this isn't already implemented so exercise caution