Re: How to run apache in https only ?

On Sun, 23 Feb 2003, Jay Moore wrote:

> I want to run Apache so it responds only to https on port 443; http
> requests are to be simply ignored. I thought I knew how to do this, but
> then read something about using mod_rewrite which gave me a headache.
> Is there a simple how-to describing how to run your server so it
> responds only to https over port 443?

Sure. See the SSLRequireSSL directive.
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

How to run apache in https only ?

I know this is a bit off-topic for this list, and I deserve all the
flames I get... But I'm in a hurry, so here goes...

I want to run Apache so it responds only to https on port 443; http
requests are to be simply ignored. I thought I knew how to do this, but
then read something about using mod_rewrite which gave me a headache.
Is there a simple how-to describing how to run your server so it
responds only to https over port 443?

Thanks,
Jay
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to run apache in https only ?

there are a couple of areas to check to see if your settings are correct
for this;


....
# BindAddress: You can support virtual hosts with this option. This
directive
# is used to tell the server which IP address to listen to. It can either
# contain "*", an IP address, or a fully qualified Internet domain name.
# See also the and Listen directives.
#
#BindAddress *
....
#
# Port: The port to which the standalone server listens. For
# ports < 1023, you will need httpd to be run as root initially.
#
Port 80
....
as the tendancy is once again for 'segmentation'>
## SSL Support
##
## When we also provide SSL we have to listen to the
## standard HTTP port (see above) and to the HTTPS port
##

Listen someplace.com:80
Listen someplace.com:443



port 80 references are http, port 443 references are https. Edit these
settings as appropriate for your setup. Providing those are properly set
and the cert properly generated and available as stated in the configs,
then your systems should listen at the proper address/interface on the
appropriate port there for connections/services. I believe bindaddress
has been depriciated for the listen directive.

Thanks,

Ron DuFresne


On Sun, 23 Feb 2003, Jay Moore wrote:

> I know this is a bit off-topic for this list, and I deserve all the
> flames I get... But I'm in a hurry, so here goes...
>
> I want to run Apache so it responds only to https on port 443; http
> requests are to be simply ignored. I thought I knew how to do this, but
> then read something about using mod_rewrite which gave me a headache.
> Is there a simple how-to describing how to run your server so it
> responds only to https over port 443?
>
> Thanks,
> Jay
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org