* How does SSL work; what is the process that moves
a web page from http to https and from port 80 to port 443?
You point a link to https://something instead of to http://something. That will take the user to a secure page. You can also do this in code, either by redirecting or by (if you're using apache) using .htaccess files and requiring certain directories/files to use ssl.
Alternatively, you can use META-REFRESH to automatically re-direct someone (so they don't have to click a link). From a web site I just googled:
<META HTTP-EQUIV=Refresh CONTENT="10; URL=http://www.htmlhelp.com/";> tells the browser to load http://www.htmlhelp.com/ 10 seconds after the current document has finished loading. Not all browsers support this, so authors should provide an alternate means of moving to the new page where necessary. The Refresh header is sometimes used for "splash screens" or when a page has moved, but the technique is not very effective since users may not even be looking at the window that is to be refreshed and since it messes up the user's history on many browsers. Some search engines penalize pages that use a Refresh of a few seconds or less.
You could set the refresh time to 0 to make it instantaneous, so something like:
<META HTTP-EQUIV=Refresh CONTENT="0; URL=https://www.example.com/supersecret/";>
might work (untested).
You can also use the SSLRequireSSL directive in the <Location> tags of the config file to require SSL for a subdirectory of your site:
Alias /supersecret /var/www/supersecret
<Location /supersecret>
SSLRequireSSL
</Location>Again, I didn't test that, but they are both copied from a working site (just edited down, and sanitized).
Adam Augustine
____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
