Why not? What doesn't work with host headers and SSL? We run multiple SSL host headers per box with our intranet applications (on IIS). It's truly a pain the sane world shouldn't be subjected to, but it can happen.
Matthew Williams Geodesic GraFX www.geodesicgrafx.com/blog Rick Root wrote: > On 2/25/07, Dave Watts <[EMAIL PROTECTED]> wrote: > >> I wouldn't recommend relying on Host headers, since they can easily be >> sent >> from the browser. >> > > > True, in fact that's how they always get sent :) However, I was referring > to the previous post about actually using a domain that doesn't actually > exist and just putting it in your local machine's hostfile. Then the only > way to access it would be if you knew the IP address *AND* the domain name > that is being used for the specific web site you're trying to hack into. > > If someone is sniffing your packets, of course, it doesn't help at all. > > The real disadvantage of course with using hostheaders is that you can't use > SSL to secure your coldfusion administrator. > > Rick > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:270643 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
