Date: Wed, 19 Jul 2000 17:34:50 -0500 From: ASe User <menzies1@airmail.net> To: "'freebsd-questions@FreeBSD.ORG'" <freebsd-questions@FreeBSD.ORG> Subject: SSL and .htaccess Message-ID: <01BFF1A7.AA6D8580.menzies1@airmail.net>
next in thread | raw e-mail | index | archive | help
Hi, I have purchased space from an ISP on a FreeBSD 3.2 shell. I'm trying to set up a web site that has certain directories available only to certain people. .htaccess worked very well, and I have all the security in place. Then I implemented SSL. Now I seem to have no security at all as long as I use SSL. For instance, if I request http://www.advsysedu.com/private/password/.htpasswd I get security. If I request the same page with SSL https://air12.airweb.net/advsysed/private/password/.htpasswd I get a listing of the password file on my browser. Is there something I can do within htaccess to secure SSL? For instance, I am currently using <Limit> GET POST PUT HEAD </Limit> in my .htaccess file. Is there another I can add for SSL? Is there something like SSLDenySSL for FreeBSD? If so, how do I use it? Thanks for any help you can give me. Regards, Wes Menzies To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BFF1A7.AA6D8580.menzies1>