How to start https service only?
Alexander Dalloz
ad+lists at uni-x.org
Wed Feb 16 17:15:18 UTC 2005
Am Mi, den 16.02.2005 schrieb Nathaniel Hall um 17:59:
> | I have a fc3 system that works well. My question is how to make the
> | system's web service available only to https, but not to regular http?
> | i.e. people can browse this system only using https://my-server, but not
> | http://my-server? I tried to not open port 80, but only port 443 in
> | iptables, but it seems no effect, http://my-server is still working.
> | Hongwei Li
> RewriteEngine On
> RewriteCond "%{SERVER_PORT}" "^80$"
> RewriteRule "^(.*)$" "https://%{SERVER_NAME}$1" [R,L]
>
> That will rewrite the address from http://whatever to https://whatever.
> Nathaniel Hall, GSEC
Why that complicated? I understand the question in a way, that no HTTP
should be possible and just HTTPS - globally, for the whole Apache web
server.
In the /etc/httpd/conf/httpd.conf find the line
Listen 80
(or the equal one if you did modify the default, i.e. by binding to a
specific IP) and comment it to be
# Listen 80
If having the /etc/httpd/conf.d/ssl.conf active and there "Listen 443",
then the Apache is bound to only HTTPS port.
Alexander
--
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.14_FC2smp
Serendipity 18:11:50 up 22:37, 18 users, 0.14, 0.25, 0.27
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050216/507ce3e8/attachment-0002.bin
More information about the users
mailing list