[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-developers] Forcing HTTPS for certain parts of a site
- Subject: RE: [cobalt-developers] Forcing HTTPS for certain parts of a site
- From: Ted Behling <TBehling@xxxxxxxxxxxxx>
- Date: Sat Aug 25 03:32:08 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
At 05:13 PM 8/24/01 -0400, KAMRY wrote:
>I have the following after the rewrite rule in a <v... host>:
>
>RewriteCond %{SERVER_PORT} !^443$
>RewriteRule ^/folderToBeSecured/(.*)?$
>https://%{SERVER_NAME}/folderToBeSecured/$1 [L,R]
>
>
>Now, the biggest problem is this work pretty well, however if a client
>clicks on home or services from that page in that secured area then the
>https will continue on, and this is a burden on the machine.
Well, why don't you just reverse the logic of the above? "If the hit comes
over SSL and it's not in folderToBeSecured, then redirect to non-SSL"
--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.
43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894 Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------