Thanks Brian.
Using the "Has_Seen_MOTD" cookie idea is was I thinking of as well. And that's the way the CPAN Apache::MOTD does it. But, I thought the only easy way of reading and writing cookies would require Perl. I guess I was hoping someone would say there is some item in the http.conf file that I could set that would do redirects to the MOTD which then redirect to the originally requested page. -Dan >If you require your users to accept cookies, you could probably use a >RewriteCond to check for a cookie: if the cookie is present, let it >pass through to the requested page. If the cookie isn't present, >rewrite them to the MOTD page and set the cookie. I assume you can set >the cookie to expire at the end of the session, but I haven't set >cookie's directly from apache, myself. >This isn't fool-proof, a person could easily enough spoof the cookie >in their initial request, but a casual user using a web browser >wouldn't do that. If security actually is a concern, as in you >absolutely must have them see the MOTD before connecting, then you >would want some kind of nonce value for cookie so it can't be faked. >But that would probably be more than you can do straight from apache. >Hope that helps. >-Brian -- >Feel free to contact me using PGP Encryption: >Key Id: 0x3AA70848 >Available from: http://pgp.mit.edu/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
