RE: Virtual hosts and ssl.

What is required for SSL and Virtual Hosts is that you use IP based virutal hosts. Name based VH's don't work on SSL. So if you have only 1 public IP then you'll only be able to have 1 SSL enabled host. 5 = 5 and so on. g'luck Jeff > -Original Message- > From: [EMAIL PROTECTED] > [ma

RE: Advisory 012002: PHP remote vulnerabilities (fwd)

Thanks. One note. I use php 4.0.6 and I had to set file_uploads = 0 in order for it to take the value, setting it to "Off" showed "no value" in phpinfo(); Jeff > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of R. DuFresne > Sent: Wednesday, Febru

RE: what's the best way force a server to be HTTPS only?

ve: > > >Redirect / https://myvirtual.domain > > > Nick > > > Quoting SoilentG <[EMAIL PROTECTED]>: > > > Thanks and just to be clear...(sorry I'm pretty new) > > >

RE: what's the best way force a server to be HTTPS only?

1 AM > To: [EMAIL PROTECTED] > Subject: Re: what's the best way force a server to be HTTPS only? > > > Try something like: > > ServerName myvirtual.domain > SSLEngine on > > > > Redirect / https://myvirtual.domain/ > > > > > Quoti

what's the best way force a server to be HTTPS only?

I have an IP based virtual server that is defined like this: in Vhosts.conf: ServerName myvirtual.domain ... ... ... AllowOverride None Options +ExecCGI -Indexes and in ssl.default-vhost.conf ServerName myvirtual.domain ... ... .. SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HI

RE: https without certificate

> Read Ralf's reply again - the certificate actually *contains* the > server's public key. The browser uses this to encrypt a session-key and > send this back to the server. Thereafter, the browser and server use > this common session key to communicate throughout the rest of the > session. > > Wi