Would this not still leave port 80 open and bound? Is not just removing the port delcarations for 80 and only having 443 set better and perhaps more secure?
Thanks, Ron DuFresne On Thu, 18 Apr 2002, Cliff Woolley wrote: > On Thu, 18 Apr 2002 [EMAIL PROTECTED] wrote: > > > Now if if I enter this > > http://server/www/index.php > > I get to the same location and it is not SSL secured???? > > So my question is can you turn off access to http? > > See the SSLRequireSSL directive. Or you might want to set up a Redirect > so that the client is automatically sent over to the https side. > > --Cliff > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
