Forums / Setup & design / Apache config for sending only username/password via https/ssl

Apache config for sending only username/password via https/ssl

« 
Previous topic
|
Setup & design
|
Next topic
 »
Author Message

Jonny Bergkvist

Monday 27 October 2003 12:19:29 pm

I have a eZ 3.2-site on Debian with Apache and Apache-SSL (not mod-ssl):

I have achieved to send all username/password in https (encrypted), and everything else goes in http (clear-text).

In apache/http it does a rewrite to https if you request a url-path that begins with /user.

And in apache-ssl/https it does a rewrite to http if you request another url-path than /user.

From /etc/apache/httpd.conf:
<VirtualHost *>
<Directory /ezroot>
Options FollowSymLinks Indexes ExecCGI
AllowOverride None
Order deny,allow
allow from all
</Directory>

ServerAdmin webmaster@hostname.com
ServerName hostname.domain.com
ServerAlias admin.hostname.domain.com
DocumentRoot /ezroot/

RewriteEngine On
RewriteRule ^/user(.*)$ https://%{HTTP_HOST}/user$1 [L]
RewriteRule !\.(gif|css|jpg|png|jar|ico|js)$ /ezroot/index.php
</VirtualHost>


From /etc/apache-ssl/httpd.conf:
<VirtualHost *>
<Directory /ezroot>
Options FollowSymLinks Indexes ExecCGI
AllowOverride None
Order deny,allow
allow from all
</Directory>

ServerAdmin webmaster@domain.com
ServerName hostname.domain.com
ServerAlias admin.hostname.domain.com
DocumentRoot /ezroot/

SSLCACertificatePath /etc/apache-ssl/cert
SSLCACertificateFile /etc/apache-ssl/cert/ca.txt
SSLCertificateFile /etc/apache-ssl/cert/certificate.crt
SSLCertificateKeyFile /etc/apache-ssl/cert/private.key

RewriteEngine On
RewriteRule ^/user(.*)$ /ezroot/index.php [L]
RewriteRule ^(.*) http://%{HTTP_HOST}$1 [L]
</VirtualHost>

The only problem I have found with this config is that if you are not authenticated and open url: http://admin.hostname.domain.com/ then you are presented the login-page without the /user/login appended in the url-path. I think I must hack some of the php-code to append the /user/login to the url in order to get redirected to https...?

Except for that is seems to work fine. Please give me feedback about this config :-)

Regards, Jonny

Jonny Bergkvist

Tuesday 28 October 2003 4:34:52 am

I just found a solution that works for the http://admin.hostname.domain.com/ when not autenticated:

I repeat the rewrite-stuff including the new entries:

/etc/apache/htttp.conf:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^admin\.hostname\.domain\.com [NC]
RewriteRule ^/$ https://%{HTTP_HOST} [L]

RewriteRule ^/user(.*)$ https://%{HTTP_HOST}/user$1 [L]
RewriteRule !\.(gif|css|jpg|png|jar|ico|js)$ /ezroot/index.php

/etc/apache-ssl/httpd.conf:
RewriteEngine On
RewriteRule ^/user(.*)$ /ezroot/index.php [L]
RewriteRule ^/$ /ezroot/index.php [L]
RewriteRule \.(gif|css|jpg|png|jar|ico|js)$ %{REQUEST_URI} [S=1]
RewriteRule ^(.*) http://%{HTTP_HOST}$1 [L]

eZ debug

Timing: Jan 19 2025 21:18:09
Script start
Timing: Jan 19 2025 21:18:09
Module start 'content'
Timing: Jan 19 2025 21:18:10
Module end 'content'
Timing: Jan 19 2025 21:18:10
Script end

Main resources:

Total runtime1.1585 sec
Peak memory usage4,096.0000 KB
Database Queries189

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0054 589.2266180.7969
Module start 'content' 0.00541.0131 770.0234484.4141
Module end 'content' 1.01850.1399 1,254.4375333.0547
Script end 1.1584  1,587.4922 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.00390.3385210.0002
Check MTime0.00140.1191210.0001
Mysql Total
Database connection0.00080.065310.0008
Mysqli_queries1.081393.34021890.0057
Looping result0.00230.20161870.0000
Template Total1.130597.620.5653
Template load0.00190.167220.0010
Template processing1.128697.420820.5643
Template load and register function0.00010.010110.0001
states
state_id_array0.00120.107310.0012
state_identifier_array0.00070.061820.0004
Override
Cache load0.00170.1465640.0000
Sytem overhead
Fetch class attribute can translate value0.00230.199920.0012
Fetch class attribute name0.00080.065730.0003
XML
Image XML parsing0.00210.177120.0010
class_abstraction
Instantiating content class attribute0.00000.000840.0000
General
dbfile0.00790.6852270.0003
String conversion0.00000.000430.0000
Note: percentages do not add up to 100% because some accumulators overlap

CSS/JS files loaded with "ezjscPacker" during request:

CacheTypePacklevelSourceFiles
CSS0extension/community/design/community/stylesheets/ext/jquery.autocomplete.css
extension/community_design/design/suncana/stylesheets/scrollbars.css
extension/community_design/design/suncana/stylesheets/tabs.css
extension/community_design/design/suncana/stylesheets/roadmap.css
extension/community_design/design/suncana/stylesheets/content.css
extension/community_design/design/suncana/stylesheets/star-rating.css
extension/community_design/design/suncana/stylesheets/syntax_and_custom_tags.css
extension/community_design/design/suncana/stylesheets/buttons.css
extension/community_design/design/suncana/stylesheets/tweetbox.css
extension/community_design/design/suncana/stylesheets/jquery.fancybox-1.3.4.css
extension/bcsmoothgallery/design/standard/stylesheets/magnific-popup.css
extension/sevenx/design/simple/stylesheets/star_rating.css
extension/sevenx/design/simple/stylesheets/libs/fontawesome/css/all.min.css
extension/sevenx/design/simple/stylesheets/main.v02.css
extension/sevenx/design/simple/stylesheets/main.v02.res.css
JS0extension/ezjscore/design/standard/lib/yui/3.17.2/build/yui/yui-min.js
extension/ezjscore/design/standard/javascript/jquery-3.7.0.min.js
extension/community_design/design/suncana/javascript/jquery.ui.core.min.js
extension/community_design/design/suncana/javascript/jquery.ui.widget.min.js
extension/community_design/design/suncana/javascript/jquery.easing.1.3.js
extension/community_design/design/suncana/javascript/jquery.ui.tabs.js
extension/community_design/design/suncana/javascript/jquery.hoverIntent.min.js
extension/community_design/design/suncana/javascript/jquery.popmenu.js
extension/community_design/design/suncana/javascript/jScrollPane.js
extension/community_design/design/suncana/javascript/jquery.mousewheel.js
extension/community_design/design/suncana/javascript/jquery.cycle.all.js
extension/sevenx/design/simple/javascript/jquery.scrollTo.js
extension/community_design/design/suncana/javascript/jquery.cookie.js
extension/community_design/design/suncana/javascript/ezstarrating_jquery.js
extension/community_design/design/suncana/javascript/jquery.initboxes.js
extension/community_design/design/suncana/javascript/app.js
extension/community_design/design/suncana/javascript/twitterwidget.js
extension/community_design/design/suncana/javascript/community.js
extension/community_design/design/suncana/javascript/roadmap.js
extension/community_design/design/suncana/javascript/ez.js
extension/community_design/design/suncana/javascript/ezshareevents.js
extension/sevenx/design/simple/javascript/main.js

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1node/view/full.tplfull/forum_topic.tplextension/sevenx/design/simple/override/templates/full/forum_topic.tplEdit templateOverride template
2content/datatype/view/ezimage.tpl<No override>extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tplEdit templateOverride template
2content/datatype/view/ezxmltext.tpl<No override>extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tplEdit templateOverride template
12content/datatype/view/ezxmltags/paragraph.tpl<No override>extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tplEdit templateOverride template
10content/datatype/view/ezxmltags/line.tpl<No override>design/standard/templates/content/datatype/view/ezxmltags/line.tplEdit templateOverride template
1pagelayout.tpl<No override>extension/sevenx/design/simple/templates/pagelayout.tplEdit templateOverride template
 Number of times templates used: 28
 Number of unique templates used: 6

Time used to render debug report: 0.0002 secs