On Wed, Nov 17, 1999, james wrote:
> I want to force only https to certain directories,
> so following the example in Chapter 5 [last example],
> <Directory /usr/local/apache/htdocs/secure>
> RewriteEngine on
> RewriteCond %{HTTPS} !=on
> RewriteRule .* - [forbidden]
> </Directory>
>
> still allows both http and https.
>
> Any ideas on what I have stuffed up ?
The problem was that "HTTPS" is a special variable which is set explicitly by
mod_ssl, so it wasn't available through the general SSL variable EAPI lookup
hook used by mod_rewrite. The following patch fixes this and is already
comitted for mod_ssl 2.4.9.
Index: ssl_engine_vars.c
===================================================================
RCS file: /e/modssl/cvs/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_vars.c,v
retrieving revision 1.42
diff -u -r1.42 ssl_engine_vars.c
--- ssl_engine_vars.c 1999/11/18 08:56:25 1.42
+++ ssl_engine_vars.c 1999/11/24 09:57:50
@@ -189,6 +189,12 @@
result = c->ap_auth_type;
else if (strlen(var) > 4 && strcEQn(var, "SSL_", 4))
result = ssl_var_lookup_ssl(p, c, var+4);
+ else if (strcEQ(var, "HTTPS")) {
+ if (ap_ctx_get(c->client->ctx, "ssl") != NULL)
+ result = "on";
+ else
+ result = "off";
+ }
}
/*
This should now make the above "RewriteCond %{HTTPS} !=on" allow to work as
expected.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
