How to disable part of the HTTP pages?

Dear all

After I have implemented the SSL technology in my servers, I understand that
users can access securely under HTTPS://. However, they can still
access through HTTP://. Is there any way to block people from
accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
only some pages, is it belong to the settings of Apache or what? Please
instruct. Thanks a lot!!

Regards

Conrad Ng


______________________________________________________

Scott Wilson Ltd celebrates its new name during its 50th year in Hong Kong!

This e-mail and any attachments to it are intended only for the party to
whom they are addressed. They may contain privileged and/or confidential
information. If you have received this transmission in error please notify
the sender immediately and delete any digital copies and destroy any paper
copies. Thank you.

Scott Wilson accepts no contractual liabilities or commitments arising from
this e-mail unless subsequently confirmed by fax or letter or as an e-mail
attachment giving company name, address, registration number and authorized
signatory.
______________________________________________________


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to disable part of the HTTP pages?

On Thu, Jun 06, 2002 at 08:47:24AM +0800, Conrad Ng wrote:
> Dear all
>
> After I have implemented the SSL technology in my servers, I understand that
> users can access securely under HTTPS://. However, they can still
> access through HTTP://. Is there any way to block people from
> accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
> only some pages, is it belong to the settings of Apache or what? Please
> instruct. Thanks a lot!!
>
Just make sure that DocumentRoot is not the same for both the HTTP and the
HTTPS server.

vh

Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to disable part of the HTTP pages?

Hi Conrad,

I'm not very familiar with webservers yet, but you might want to use a
"virtual host"
If you let your secure host serve files from
DocumentRoot="/htdocs/secure",
and let your non-secure host serve files from
DocumentRoot="/htdocs/non-secure",
then neither of those virtual hosts can access the wrong files.
(You will need to force one host (non-secure) on port 80, while you
force the other host (secure) to port 443.

I hope my explanation is helpful, and please, someone, correct me if I
see things the wrong way.

Dennis Speekenbrink


Conrad Ng wrote:
>
> Dear all
>
> After I have implemented the SSL technology in my servers, I understand that
> users can access securely under HTTPS://. However, they can still
> access through HTTP://. Is there any way to block people from
> accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
> only some pages, is it belong to the settings of Apache or what? Please
> instruct. Thanks a lot!!
>
> Regards
>
> Conrad Ng
>
> ______________________________________________________
>
> Scott Wilson Ltd celebrates its new name during its 50th year in Hong Kong!
>
> This e-mail and any attachments to it are intended only for the party to
> whom they are addressed. They may contain privileged and/or confidential
> information. If you have received this transmission in error please notify
> the sender immediately and delete any digital copies and destroy any paper
> copies. Thank you.
>
> Scott Wilson accepts no contractual liabilities or commitments arising from
> this e-mail unless subsequently confirmed by fax or letter or as an e-mail
> attachment giving company name, address, registration number and authorized
> signatory.
> ______________________________________________________
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to disable part of the HTTP pages?

Disable port 80.

-----Original Message-----
From: owner-modssl-users@modssl.org
[mailto:owner-modssl-users@modssl.org]On Behalf Of Conrad Ng
Sent: Wednesday, June 05, 2002 8:47 PM
To: modssl-users@modssl.org
Subject: How to disable part of the HTTP pages?


Dear all

After I have implemented the SSL technology in my servers, I understand that
users can access securely under HTTPS://. However, they can still
access through HTTP://. Is there any way to block people from
accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
only some pages, is it belong to the settings of Apache or what? Please
instruct. Thanks a lot!!

Regards

Conrad Ng


______________________________________________________

Scott Wilson Ltd celebrates its new name during its 50th year in Hong Kong!

This e-mail and any attachments to it are intended only for the party to
whom they are addressed. They may contain privileged and/or confidential
information. If you have received this transmission in error please notify
the sender immediately and delete any digital copies and destroy any paper
copies. Thank you.

Scott Wilson accepts no contractual liabilities or commitments arising from
this e-mail unless subsequently confirmed by fax or letter or as an e-mail
attachment giving company name, address, registration number and authorized
signatory.
______________________________________________________


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to disable part of the HTTP pages?

Put "Deny from all" in
in the vhost settings where the serving port is 80.

Ex)

BlahBlahBlah

Order Deny,Allow
Deny from all




BlahBlah

Order Allow,Deny
Allow from all



Refer to the apache manual for further information.

-----Original Message-----
From: owner-modssl-users@modssl.org
[mailto:owner-modssl-users@modssl.org] On Behalf Of lin geng
Sent: Saturday, June 08, 2002 10:44 AM
To: modssl-users@modssl.org
Subject: RE: How to disable part of the HTTP pages?

Disable port 80.

-----Original Message-----
From: owner-modssl-users@modssl.org
[mailto:owner-modssl-users@modssl.org]On Behalf Of Conrad Ng
Sent: Wednesday, June 05, 2002 8:47 PM
To: modssl-users@modssl.org
Subject: How to disable part of the HTTP pages?


Dear all

After I have implemented the SSL technology in my servers, I understand
that
users can access securely under HTTPS://. However, they can still
access through HTTP://. Is there any way to block people from
accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
only some pages, is it belong to the settings of Apache or what? Please
instruct. Thanks a lot!!

Regards

Conrad Ng


______________________________________________________

Scott Wilson Ltd celebrates its new name during its 50th year in Hong
Kong!

This e-mail and any attachments to it are intended only for the party to
whom they are addressed. They may contain privileged and/or confidential
information. If you have received this transmission in error please
notify
the sender immediately and delete any digital copies and destroy any
paper
copies. Thank you.

Scott Wilson accepts no contractual liabilities or commitments arising
from
this e-mail unless subsequently confirmed by fax or letter or as an
e-mail
attachment giving company name, address, registration number and
authorized
signatory.
______________________________________________________


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to disable part of the HTTP pages?

I believe it is more accurate to redirect. It causes less
confusion:


ServerName whatever
Redirect permanent / https://whatever


Avoids confusion and irritation on the part of site visitors.

------------------------------------------------------------ ---------

When a true genius appears in the world, you may know him by
this sign; that the dunces are all in confederacy against him.
-- Jonathan Swift
___

Dale Weaver dale@mail.wake.tec.nc.us
UNIX Systems Administrator (919) 662-3508
Wake Technical Community College fax (919) 779-3360

On Sun, 9 Jun 2002, Han,Donghoon wrote:

> Put "Deny from all" in
> in the vhost settings where the serving port is 80.
>
> Ex)
>
> BlahBlahBlah
>
> Order Deny,Allow
> Deny from all
>
>
>
>
> BlahBlah
>
> Order Allow,Deny
> Allow from all
>
>
>
> Refer to the apache manual for further information.
>
> -----Original Message-----
> From: owner-modssl-users@modssl.org
> [mailto:owner-modssl-users@modssl.org] On Behalf Of lin geng
> Sent: Saturday, June 08, 2002 10:44 AM
> To: modssl-users@modssl.org
> Subject: RE: How to disable part of the HTTP pages?
>
> Disable port 80.
>
> -----Original Message-----
> From: owner-modssl-users@modssl.org
> [mailto:owner-modssl-users@modssl.org]On Behalf Of Conrad Ng
> Sent: Wednesday, June 05, 2002 8:47 PM
> To: modssl-users@modssl.org
> Subject: How to disable part of the HTTP pages?
>
>
> Dear all
>
> After I have implemented the SSL technology in my servers, I understand
> that
> users can access securely under HTTPS://. However, they can still
> access through HTTP://. Is there any way to block people from
> accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
> only some pages, is it belong to the settings of Apache or what? Please
> instruct. Thanks a lot!!
>
> Regards
>
> Conrad Ng
>
>
> ______________________________________________________
>
> Scott Wilson Ltd celebrates its new name during its 50th year in Hong
> Kong!
>
> This e-mail and any attachments to it are intended only for the party to
> whom they are addressed. They may contain privileged and/or confidential
> information. If you have received this transmission in error please
> notify
> the sender immediately and delete any digital copies and destroy any
> paper
> copies. Thank you.
>
> Scott Wilson accepts no contractual liabilities or commitments arising
> from
> this e-mail unless subsequently confirmed by fax or letter or as an
> e-mail
> attachment giving company name, address, registration number and
> authorized
> signatory.
> ______________________________________________________
>
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to disable part of the HTTP pages?

This might depend upon what the site wants to do in the end. Disabling
port 80 will help keep folks from popping in on http, it can be a bennie
for sites open only to a chosen few. Redirects are good for sites open to
all and pushing clients to the https aspect. So, it can depend upon what
the sites requirements are.

Thanks,

Ron DuFresne

On Tue, 11 Jun 2002, Dale Weaver wrote:

>
> I believe it is more accurate to redirect. It causes less
> confusion:
>
>
> ServerName whatever
> Redirect permanent / https://whatever
>
>
> Avoids confusion and irritation on the part of site visitors.
>
> ------------------------------------------------------------ ---------
>
> When a true genius appears in the world, you may know him by
> this sign; that the dunces are all in confederacy against him.
> -- Jonathan Swift
> ___
>
> Dale Weaver dale@mail.wake.tec.nc.us
> UNIX Systems Administrator (919) 662-3508
> Wake Technical Community College fax (919) 779-3360
>
> On Sun, 9 Jun 2002, Han,Donghoon wrote:
>
> > Put "Deny from all" in
> > in the vhost settings where the serving port is 80.
> >
> > Ex)
> >
> > BlahBlahBlah
> >
> > Order Deny,Allow
> > Deny from all
> >
> >
> >
> >
> > BlahBlah
> >
> > Order Allow,Deny
> > Allow from all
> >
> >
> >
> > Refer to the apache manual for further information.
> >
> > -----Original Message-----
> > From: owner-modssl-users@modssl.org
> > [mailto:owner-modssl-users@modssl.org] On Behalf Of lin geng
> > Sent: Saturday, June 08, 2002 10:44 AM
> > To: modssl-users@modssl.org
> > Subject: RE: How to disable part of the HTTP pages?
> >
> > Disable port 80.
> >
> > -----Original Message-----
> > From: owner-modssl-users@modssl.org
> > [mailto:owner-modssl-users@modssl.org]On Behalf Of Conrad Ng
> > Sent: Wednesday, June 05, 2002 8:47 PM
> > To: modssl-users@modssl.org
> > Subject: How to disable part of the HTTP pages?
> >
> >
> > Dear all
> >
> > After I have implemented the SSL technology in my servers, I understand
> > that
> > users can access securely under HTTPS://. However, they can still
> > access through HTTP://. Is there any way to block people from
> > accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
> > only some pages, is it belong to the settings of Apache or what? Please
> > instruct. Thanks a lot!!
> >
> > Regards
> >
> > Conrad Ng
> >
> >
> > ______________________________________________________
> >
> > Scott Wilson Ltd celebrates its new name during its 50th year in Hong
> > Kong!
> >
> > This e-mail and any attachments to it are intended only for the party to
> > whom they are addressed. They may contain privileged and/or confidential
> > information. If you have received this transmission in error please
> > notify
> > the sender immediately and delete any digital copies and destroy any
> > paper
> > copies. Thank you.
> >
> > Scott Wilson accepts no contractual liabilities or commitments arising
> > from
> > this e-mail unless subsequently confirmed by fax or letter or as an
> > e-mail
> > attachment giving company name, address, registration number and
> > authorized
> > signatory.
> > ______________________________________________________
> >
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to disable part of the HTTP pages?

This might depend upon what the site wants to do in the end. Disabling
port 80 will help keep folks from popping in on http, it can be a bennie
for sites open only to a chosen few. Redirects are good for sites open to
all and pushing clients to the https aspect. So, it can depend upon what
the sites requirements are.

Thanks,

Ron DuFresne

On Tue, 11 Jun 2002, Dale Weaver wrote:

>
> I believe it is more accurate to redirect. It causes less
> confusion:
>
>
> ServerName whatever
> Redirect permanent / https://whatever
>
>
> Avoids confusion and irritation on the part of site visitors.
>
> ------------------------------------------------------------ ---------
>
> When a true genius appears in the world, you may know him by
> this sign; that the dunces are all in confederacy against him.
> -- Jonathan Swift
> ___
>
> Dale Weaver dale@mail.wake.tec.nc.us
> UNIX Systems Administrator (919) 662-3508
> Wake Technical Community College fax (919) 779-3360
>
> On Sun, 9 Jun 2002, Han,Donghoon wrote:
>
> > Put "Deny from all" in
> > in the vhost settings where the serving port is 80.
> >
> > Ex)
> >
> > BlahBlahBlah
> >
> > Order Deny,Allow
> > Deny from all
> >
> >
> >
> >
> > BlahBlah
> >
> > Order Allow,Deny
> > Allow from all
> >
> >
> >
> > Refer to the apache manual for further information.
> >
> > -----Original Message-----
> > From: owner-modssl-users@modssl.org
> > [mailto:owner-modssl-users@modssl.org] On Behalf Of lin geng
> > Sent: Saturday, June 08, 2002 10:44 AM
> > To: modssl-users@modssl.org
> > Subject: RE: How to disable part of the HTTP pages?
> >
> > Disable port 80.
> >
> > -----Original Message-----
> > From: owner-modssl-users@modssl.org
> > [mailto:owner-modssl-users@modssl.org]On Behalf Of Conrad Ng
> > Sent: Wednesday, June 05, 2002 8:47 PM
> > To: modssl-users@modssl.org
> > Subject: How to disable part of the HTTP pages?
> >
> >
> > Dear all
> >
> > After I have implemented the SSL technology in my servers, I understand
> > that
> > users can access securely under HTTPS://. However, they can still
> > access through HTTP://. Is there any way to block people from
> > accessing under HTTP:// ? I'm not meaning to block the whole port 80 but
> > only some pages, is it belong to the settings of Apache or what? Please
> > instruct. Thanks a lot!!
> >
> > Regards
> >
> > Conrad Ng
> >
> >
> > ______________________________________________________
> >
> > Scott Wilson Ltd celebrates its new name during its 50th year in Hong
> > Kong!
> >
> > This e-mail and any attachments to it are intended only for the party to
> > whom they are addressed. They may contain privileged and/or confidential
> > information. If you have received this transmission in error please
> > notify
> > the sender immediately and delete any digital copies and destroy any
> > paper
> > copies. Thank you.
> >
> > Scott Wilson accepts no contractual liabilities or commitments arising
> > from
> > this e-mail unless subsequently confirmed by fax or letter or as an
> > e-mail
> > attachment giving company name, address, registration number and
> > authorized
> > signatory.
> > ______________________________________________________
> >
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org