Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: rexgaylord on July 17, 2004, 07:36:25 AM
-
Does anybody know how or ever tried to force any connection to the contect of an ibay to use only an SSL connection, force it to automatically change to https:// like it does with the proper settings of using webmail?
-
a quick search shows this :
http://mirror.contribs.org/smeserver/contribs/dmay/mitel/howto/website-access-security-howto.html
-
This is close to something I want to do. I want an ibay that is ssl only, to be used with receiving credit card info etc. can I just leave out the line in the script that says
AuthUserFile /etc/httpd/conf/htpasswd.test
and will make all access secure even though it does not require a password or login? (I understand I should get a cert)
Bob
-
That's what I was hoping also
-
My solution is to have an include fie - include_ssl.php:
<?php
// Include to force SSL connection for a page
if($HTTP_SERVER_VARS["HTTPS"] != "on")
{
$newurl = "https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
header("location: $newurl");
}
?>
then at the top of each page in the ibay aad:
include ("include_ssl.php");
That will insure the page runs as SSL.
-
Crazybob,
can I just leave out the line in the script that says AuthUserFile /etc/httpd/conf/htpasswd.test
and will make all access secure even though it does not require a password or login? (I understand I should get a cert)
Bob
You would also need to leave out Require valid-user for it to work.
Warren
-
I will give it a try soon
Thanks
Bob
-
Leaving out:
AuthUserFile /etc/httpd/conf/htpasswd.test
Require valid-user
Resulted in an ibay that gives a user denied page if https is not used, but will connect if https is used. Almost what I needed to do. Any more ideas?
-
Any more ideas?
what about mod_rewrite. I'm no guru on Apache but the link below should shed some light hopefully
http://forums.contribs.org/index.php?topic=20589.0
Warren
-
After reading this post and doing some looking around I have found what I think you are looking for.
You need to create the directory:
/etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
In that directory, create a file, you can call the file anything you want but you must have a number greater than 40 at the start of the file, I recommend 60WebRedirect
In that file place this code:
{
if ($port ne "443")
{
$OUT .= <<'HERE';
## Redirect Web Address to Secure Address
RewriteEngine on
RewriteRule ^/name_of_ibay https://%{HTTP_HOST}/name_of_ibay [L,R]
## End Of Redirect
HERE
}
}
Replace name_of_ibay with the address you would like to redirect.
I have tested this on my system and it seams to work without any problems, you might want to follow the earlier suggestions and lock the directory unless https is used for added security. You will need to remove the lines that look for a user and password, as suggested in the earlier posts.
Since I am very new to sme, this solution may not be the best one available. I think that the best solution would use the database and the server-manager to set up addresses to be redirected. Could somebody point me in the right direction so that I can write this change.
Thank you,
DocLove
-
Yes, i can point you to the devinfo mailing list. There is an ongoing discussion threaded "Newbie looking for a start" which should help getting further. (There are no newbies over there in fact).