Results 1 to 5 of 5

Thread: SSL only on Apache2 Virtual Host

Hybrid View

  1. #1
    Join Date
    Aug 2009
    Location
    Leitrim, Ireland
    Beans
    23
    Distro
    Ubuntu 10.10 Maverick Meerkat

    SSL only on Apache2 Virtual Host

    Hi,
    I currently have a virtual host setup to accept SSL connections as follows:
    Code:
    <VirtualHost *:443>
    DocumentRoot "/var/www"
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.pem
    <Directory "/var/www">
    allow from all
    Options +Indexes
    </Directory>
    </VirtualHost>
    How would I change it so that it can only be accessed via HTTPS ??

    Thanks !!

  2. #2
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: SSL only on Apache2 Virtual Host

    I believe with "SSLEngine on" that vhost can only be accessed with SSL encryption. If you want to make sure, you can always add this line:

    Code:
    <VirtualHost *:443>
    DocumentRoot "/var/www"
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.pem
    <Directory "/var/www">
    SSLRequireSSL
    allow from all
    Options +Indexes
    </Directory>
    </VirtualHost>

  3. #3
    Join Date
    Aug 2009
    Location
    Leitrim, Ireland
    Beans
    23
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: SSL only on Apache2 Virtual Host

    Quote Originally Posted by cdenley View Post
    I believe with "SSLEngine on" that vhost can only be accessed with SSL encryption. If you want to make sure, you can always add this line:

    Code:
    <VirtualHost *:443>
    DocumentRoot "/var/www"
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.pem
    <Directory "/var/www">
    SSLRequireSSL
    allow from all
    Options +Indexes
    </Directory>
    </VirtualHost>
    No luck, I think it might be because my default server's web directory is the same as the virtual host's.

  4. #4
    Join Date
    Dec 2006
    Location
    Chicago
    Beans
    3,839

    Re: SSL only on Apache2 Virtual Host

    Quote Originally Posted by cian1500ww View Post
    No luck, I think it might be because my default server's web directory is the same as the virtual host's.
    Well then they're accessing a different vhost, aren't they. You asked how a single vhost can be restricted to SSL. If you don't want to allow non-ssl connections, don't enable non-ssl vhosts. You can even disable port 80 in /etc/apache2/ports.conf.

  5. #5

    Re: SSL only on Apache2 Virtual Host

    What I do is to redirect non SSL access to SSL;

    Code:
    <IfModule mod_ssl.c> 
    <VirtualHost *:80> 
            ServerName webmail.freelydifferent.com 
            Redirect / https://webmail.freelydifferent.com 
    </VirtualHost> 
     
    <VirtualHost _default_:443> 
            ServerAdmin spam_me@freelydifferent.com 
            ServerName webmail.freelydifferent.com 
            ServerAlias webmail.freelydifferent.com 
     
            DocumentRoot /var/www/webmail 
            <Directory /> 
                    Options FollowSymLinks 
                    AllowOverride None 
            </Directory> 
            <Directory /var/www/webmail> 
                    Options Indexes FollowSymLinks MultiViews 
                    AllowOverride None 
                    Order allow,deny 
                    allow from all 
            </Directory> 
    etc...
    Freedif.org, news & tutorials on self-hosting services.
    Idipops, the social network for the services

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •