I'm not sure but add:
SSLOptions +StrictRequire
SSLRequireSSL
seems resolve the problem
Is it correct?
thanks!
Hi all :-)
working on my last post I configured a https rewrite and auth basic:
default
[...]
IfModule mod_rewrite.c
IfModule mod_ssl.c
Location /test
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://example.org/test [L]
/Location
/IfModule
/IfModule
[...]
default-ssl
[...]
Directory /var/www/test
Options +SymLinksIfOwnerMatch +Multiviews +Indexes
AuthType Basic
AuthName Authentication Required
AuthUserFile /etc/htpasswd/test
Require valid-user
Order allow,deny
Allow from all
/Directory
[...]
Now: when I do http://example.org/test, I see access form to
authentication before the rewrite to https (or no?) - because after login
I'm in https page.
Is my authentication encrypted, I think no... any idea?
Thanks for help!
Pol
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org