[cobalt-developers] Accessing site contents through https only

["Evan Booyens" <evanb@xxxxxxxxxxx>]

Dear Dave

You wrote:
***********************************************************
We have an RaQ 3 (and a few RedHat Linux 7) machines and we're having
trouble getting our SSL working properly.  We purchased a security
certificate from Verisign, and installed it per their instructions.

On our machine, we have one IP address, and ten name based virtual hosts.
One of the virtual hosts is also our primary site (what DocumentRoot is set
to).  We can access the primary (desired secure site) using
https://www.sitename.com.  That works fine, but we can are also able to
access the site using http://www.sitename.com.

What do we need to do to make the site and/or specific pages on that site
become secure and only accessable using https?  I don't want people to be
able to access our site using httpd, and then have an insecure credit-card
transaction.

Any help and/or sample httpd.conf help is appreciated.

Thanks,

Dave
dcsimms@xxxxxxxxxxx
**************************************************************************
#### Solution:

Try adding the following in your httpd.conf  file - obviously, I have not
put all the detail in, but this should help. You basically have to change
the document root for secure site and put all secure items under the secure
directory. Make sure that the ownerships for the secure directory and the
sitename are the same. The path to the secure directory depends on your
specific server setup. The following assumes that SSL is using port 443 for
secure access.

Hope this helps.

<VirtualHost Your. IP. Address:443>
DocumentRoot  /home/sites/sitename/secure
ServerName sitename.com
ServerAlias www.sitename.com


Evan Booyens
Domain Admin
Net4u / Grand - Host
evanb@xxxxxxxxxxx