From owner-freebsd-isp  Wed Mar  4 07:42:59 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA23333
          for freebsd-isp-outgoing; Wed, 4 Mar 1998 07:42:59 -0800 (PST)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from absinthe.i3inc.com (Absinthe.Stonos.Washington.DC.US [209.31.147.194])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA23328
          for <isp@freebsd.org>; Wed, 4 Mar 1998 07:42:54 -0800 (PST)
          (envelope-from chris@absinthe.i3inc.com)
Received: (from chris@localhost) by absinthe.i3inc.com (8.7.2/8.7.2) id JAA03796; Wed, 4 Mar 1998 09:34:52 -0500 (EST)
To: Andreas Klemm <aklemm@hightek.com>
Cc: isp@FreeBSD.ORG
Subject: Re: apache-ssl: encryption for documents with certain filename extension
References: <19980304123318.55018@hightek.com>
From: Chris Shenton <chris@absinthe.i3inc.com>
Date: 04 Mar 1998 09:34:51 -0500
In-Reply-To: Andreas Klemm's message of Wed, 4 Mar 1998 12:33:18 +0100
Message-ID: <87n2f6o777.fsf@absinthe.i3inc.com>
Lines: 30
X-Mailer: Gnus v5.5/Emacs 20.2
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Andreas Klemm <aklemm@hightek.com> writes:

> Is it possible, to teach apache-ssl to enable encryption, if
> you enter a document with a certain name, let's say
> 
> 	http://www.xxx.yyy/somepath/only_secure_access.htms
> 						       ^^^^
> Or is it only possible for a certain path ?
> Or ... only for a URAL using https://....

You could probably do it with a redirect or rewrite rule which maps

	http://www/foo.htms
to
	https://www/secure/foo.htms

Hummm.. I don't see why you couldn't create a v-host for some URL
which has "Security ON" (or is it "SSL ON"? I don't have access to my
secure host right now, sorry).

It might even be possible to set it up so that .htaccess insists on
SSL in a dir. I got this to work with Stronghold's Apache+SSL so it
required a client browser digital certificate for access to a dir with
the right .htaccess. Stronghold does seem to have extended the
security directives available over the Apache, last I looked, so this
might not be available to you.

Sorry this isn't definitive, but I've seen tricks like this used in
Stronghold to redirect http: requests to a "localhost" virtual which
ran the GUI web administrator...

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message