httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joost de Heer" <>
Subject [users@httpd] Re: How to SSL protect certain directories
Date Fri, 14 Apr 2006 15:36:43 GMT
Romeo Theriault wrote:
> I have an apache website that I need some directories protected by
> ssl. So I got the certificate etc... Now I have two virtual hosts,
> one that is the unsecure and one that is the secure. There are only a
> few directories that I need secured by ssl.
> for example:
> So to get those directories secured I put this mod_rewrite code into
> the unsecure httpd.conf file.

> <Directory /var/www/www/distance >
>                          RewriteEngine On
>                          RewriteBase /
>                          RewriteCond %{REQUEST_FILENAME} -f [OR]

'RewriteCond %{HTTPS} off' is a better check

> The problem is that once people have viewed those pages that are in
> those secure directories the rest of the pages they view on the site
> are on the secure site. I would like to have a rewriterule in the
> secure virtual host to check if they are not in one of those
> directories and redirect them back to the unsecure site.

Something like

RewriteCond %{REQUEST_URI} !^/secure_dir(.*)
RewriteCond %{HTTPS} on
RewriteRule /^(.*)$1


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message