On Tue, 4 Jun 2002, Cliff Woolley wrote: > > BTW- I originally put in the 'deny from all' and 'satisfy any' lines > > because I had another line 'allow from .my-domain.com' inbetween them > > at one point. Which makes me wonder, what would I do if I wanted to > > put it back in? > > Ah, forgot to respond to this part. If you want that, then you would > obviously have to use 'satisfy any'. And in that case, you can't use > SSLRequireSSL. You can use a RewriteRule to get the same effect.
I just discovered a config option of which I was previously unaware that would help here. From the SSLOptions directive: # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. So add: SSLOptions +StrictRequire and then your scenario will work. Sorry for misleading you earlier! --Cliff ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
