| View previous topic :: View next topic |
| Author |
Message |
BlinkEye
Veteran
Joined: 21 Oct 2003
Posts: 1046
Location: Gentoo Forums
|
 Posted: Thu Aug 19, 2004 1:34 pm Post subject: apache && authentication && ssl [SOLVED] |
 |
|
i just read the article about authentication on http://httpd.apache.org/docs/howto/auth.html#basicworks. it says that there are different ways to do that and that the basic way isn't encrypted. my idea is to authenticate via ssl - but as it isn't mentioned in the howto it may be not possible although i don't see why this shouldn't work:
| Code: | # pts/29 cat .htaccess
# If i try to access my public_html folder on port 80,
# force me to use the secure socket.
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteRule .* https://%{SERVER_NAME}/~my_username/ [R,L]
AuthType Basic
AuthName "My Personal files"
AuthUserFile /usr/local/apache/passwd/passwords
Require user my_username
|
with this configuration i actually get redirected to the secure socket, but only after the authentication. of course i could use a different password as the system login password but it gets annyoing to remember all those passwords so i'd like it encrypted. there is another way authenticating (digest) - but why use it if ssl actually works?
any ideas?
_________________
Easily backup up your system? klick
Get rid of SSH Brute Force Attempts / Script Kiddies klick
Last edited by BlinkEye on Sat Oct 23, 2004 9:35 am; edited 2 times in total |
|
| Back to top |
|
 |
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Thu Aug 19, 2004 8:05 pm Post subject: |
|
|
Isn't that more of a design flaw ?
As you write in your comments, if you want to access your homepage from an unencrypted server - what does that mean ?
You can't access anything from a server - you access the server.
Just disable any normal http access to it and only open the SSL one.
That way you will have to authenticate over SSL, no ?
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
BlinkEye
Veteran
Joined: 21 Oct 2003
Posts: 1046
Location: Gentoo Forums
|
| Posted: Thu Aug 19, 2004 8:46 pm Post subject: |
|
|
you're right, my comment is (was) wrong. what i want is communicating on a secure line - hence i redirect an unsecure connection to the secure socket. but the authenticatin is done before that redirection and that's my problem.
as i mentioned earlier: i haven't read about this approach anywhere - especially not on the apache pages - so i guess it doesn't work. still, i don't see why
_________________
Easily backup up your system? klick
Get rid of SSH Brute Force Attempts / Script Kiddies klick |
|
| Back to top |
|
|
BlinkEye
Veteran
Joined: 21 Oct 2003
Posts: 1046
Location: Gentoo Forums
|
| Posted: Sat Oct 23, 2004 9:34 am Post subject: |
|
|
SOLUTION:
i put the following in my .htaccess file:
| Code: | RewriteEngine on
RewriteBase /~my_username
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*) https://mydomainname/~my_username [R] |
_________________
Easily backup up your system? klick
Get rid of SSH Brute Force Attempts / Script Kiddies klick |
|
| Back to top |
|
|
|
Networking & Security
