Hello Chris,
On 16/01/2011, at 11:18, Chris Malton wrote:
> To force upgrading to SSL on many of my sites, I use a combination of PHP's
> header("Location: https://xxxxx";) and rewrite magic under Apache.
>
> The PHP header stuff came about when I was experimenting with Cherokee.
> Perhaps Cherokee could offer a built in SSL upgrade using the (not
> recommended, but supported) 301 response?
Sure. Actually, it does already.
Add a new behavior rule in the virtual server you want to restrict access to.
Place it on the top of the list, and ensure it's marked as Final.
The match should be "NOT (TLS/SSL)", and the handler "Redirection". Then you
add an External entry:
Regular Expression: ^/(.*)$
Substitution: https://${host}/$1
... and, that's all. Save and restart.
--
Octality
http://www.octality.com/
_______________________________________________
Cherokee mailing list
[email protected]
http://lists.octality.com/listinfo/cherokee
