Welcome to HostingForumz.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Apache 1.3 no ssl for al single script

  
   Web Hosting Problem Solving Community! (Home) -> Apache RSS
Next:  Playback.exe  
Author Message
jens_meier12

External


Since: Dec 06, 2004
Posts: 5



(Msg. 1) Posted: Mon Dec 06, 2004 8:35 am
Post subject: Apache 1.3 no ssl for al single script
Archived from groups: alt>apache>configuration (more info?)
Hello,

I configured my apache server to force SSL connections:

<VirtualHost _default_>
Redirect permanent / https://my.domain.net/
ServerName my.domain.net
ServerAdmin mailadmin.TakeThisOut@my.domain.net
</VirtualHost>

Now I want to prevent encrypted connections for a single
CGI script (/srv/www/cgi-bin/myscript.cgi).

Is this possible? What will I have to do?

Thanks for yor help
Jens Meier

 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
davideyeahsure

External


Since: Nov 03, 2003
Posts: 2994



(Msg. 2) Posted: Mon Dec 06, 2004 8:35 am
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
On 2004-12-06, Jens Meier <jens_meier12.TakeThisOut@yahoo.de> wrote:
 > Is this possible?

Yes of course

 > What will I have to do?

Remove the enforcment of https for everything, use a rewrite rule to
use https instead of normal http for everything but that script.

Davide

--
I try to explain, but he goes into the back room and gets this wizened old
guy with a pocket protector and a nametag that read "Senior Engineer."
-- Jack Twilley<!-- ~MESSAGE_AFTER~ -->

 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
jens_meier12

External


Since: Dec 06, 2004
Posts: 5



(Msg. 3) Posted: Mon Dec 06, 2004 1:35 pm
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
 > Remove the enforcment of https for everything, use a rewrite rule
 > to use https instead of normal http for everything but that script.

I removed the redirect rule and added this rewrite rule:

RewtiteEngine on
RewriteCond %{SERVER_PORT} !443$
RewriteRule ^/(.*)$ <a style='text-decoration: underline;' href="https://my.domain.net/$1" target="_blank">https://my.domain.net/$1</a> [R,L]

This rule seems to force the usage of https instead of http.

But how can I add the exception for my script? Everything I
tried did not work properly.

Is there any better documentation available than the examples
in the apache manual?

Regards
Jens Meier<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
hans1

External


Since: Mar 29, 2004
Posts: 672



(Msg. 4) Posted: Mon Dec 06, 2004 6:35 pm
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
"Jens Meier" <jens_meier12.DeleteThis@yahoo.de> schreef in bericht
news:cp26eg$keu$04$1@news.t-online.com...
  > > Remove the enforcment of https for everything, use a rewrite rule
  > > to use https instead of normal http for everything but that script.
 > I removed the redirect rule and added this rewrite rule:
 > RewtiteEngine on
 > RewriteCond %{SERVER_PORT} !443$
 > RewriteRule ^/(.*)$ <a style='text-decoration: underline;' href="https://my.domain.net/$1" target="_blank">https://my.domain.net/$1</a> [R,L]
 >
 > This rule seems to force the usage of https instead of http.
 >
 > But how can I add the exception for my script? Everything I
 > tried did not work properly.
Add in between the current rule and condition
RewriteCond %{REQUEST_URI} !^/pathand/script2skip.cgi$

Be aware the links to this script _must_ include protocol, otherwise a
browser will use the protocol of its referer: https!
(You might also add a rewrite and set of conditions to map such a request
back to the plain http site)
Mixing multiple protocols on a single page may cause a brower to carp about
entering and leaving a protected area.

HansH<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
jens_meier12

External


Since: Dec 06, 2004
Posts: 5



(Msg. 5) Posted: Tue Dec 07, 2004 8:35 am
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Hello,

 > Add in between the current rule and condition
 > RewriteCond %{REQUEST_URI} !^/pathand/script2skip.cgi$

This works! Thank you very much.
Meanwhile I also found a better mod_rewrite documentation at
<a style='text-decoration: underline;' href="http://httpd.apache.org/docs/mod/mod_rewrite.html" target="_blank">http://httpd.apache.org/docs/mod/mod_rewrite.html</a>

But I still have a question: Now there are 2 RewriteCond
statements in my httpd.conf. According to the mod_rewrite
documentation the RewriteRule will only be applied, if both
RewriteConds match. Did I unterstand this correctly?
 > Be aware the links to this script _must_ include protocol, otherwise a
 > browser will use the protocol of its referer: https!
 > (You might also add a rewrite and set of conditions to map such a
request
 > back to the plain http site)
 > Mixing multiple protocols on a single page may cause a brower to carp
about
 > entering and leaving a protected area.

This won´t be a problem in my case as the script is only
needed by a client program (which doen´t work with https).
 > Be aware the links to this script _must_ include protocol, otherwise a
 > browser will use the protocol of its referer: https!
 > (You might also add a rewrite and set of conditions to map such a
request
 > back to the plain http site)
 > Mixing multiple protocols on a single page may cause a brower to carp
about
 > entering and leaving a protected area.<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
jens_meier12

External


Since: Dec 06, 2004
Posts: 5



(Msg. 6) Posted: Tue Dec 07, 2004 8:35 am
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Hello,

my last message was posted accidentally before
I had formated it correctly so apologise the bad
quotation in the last passage.

Thank you for your help again!
Jens Meier
 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
hans1

External


Since: Mar 29, 2004
Posts: 672



(Msg. 7) Posted: Tue Dec 07, 2004 3:35 pm
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
"Jens Meier" <jens_meier12.DeleteThis@yahoo.de> schreef in bericht
news:cp484k$dk9$02$1@news.t-online.com...
  > > Add in between the current rule and condition
  > > RewriteCond %{REQUEST_URI} !^/pathand/script2skip.cgi$
 >
 > This works! Thank you very much.
 > Meanwhile I also found a better mod_rewrite documentation at
<font color=purple> > <a style='text-decoration: underline;' href="http://httpd.apache.org/docs/mod/mod_rewrite.html</font" target="_blank">http://httpd.apache.org/docs/mod/mod_rewrite.html</font</a>>
 >
 > But I still have a question: Now there are 2 RewriteCond
 > statements in my httpd.conf. According to the mod_rewrite
 > documentation the RewriteRule will only be applied, if both
 > RewriteConds match. Did I unterstand this correctly?
Default behaviour is indeed AND as documented at
<a style='text-decoration: underline;' href="http://httpd.apache.org/docs/mod/mod_rewrite.html#RewriteCond," target="_blank">http://httpd.apache.org/docs/mod/mod_rewrite.html#RewriteCond,</a> though the OR
flag allowes one to OR conditions.
However, if some simple conditions are applied to the same request property,
RewriteCond %{REMOTE_HOST} ^host1\.* [OR]
RewriteCond %{REMOTE_HOST} ^host2\.* [OR]
RewriteCond %{REMOTE_HOST} ^host3\.*
a regular expression should do a better job
RewriteCond %{REMOTE_HOST} ^(host1|host2|host3)\.*

The result of the following
RewriteCond %{REMOTE_HOST} ^host1\.* [OR]
RewriteCond %{REMOTE_HOST} ^host2\.* [OR]
RewriteCond %{REMOTE_HOST} ^host3\.*
RewriteCond %{SERVER_PORT} !443$
cannt be predicted by documentation -boolean math may execute AND before
OR-, however
RewriteCond %{SERVER_PORT} !443$
RewriteCond %{REMOTE_HOST} ^(host1|host2|host3)\.*
is fully predictable.


Your current conditions do not redirect requests at port 4443 ...
.... using "RewriteCond %{SERVER_PORT} !^443$" is more accurate.

HansH<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
jens_meier12

External


Since: Dec 06, 2004
Posts: 5



(Msg. 8) Posted: Wed Dec 08, 2004 8:35 am
Post subject: Re: Apache 1.3 no ssl for al single script [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Hello,

 > Default behaviour is indeed AND as documented at
<font color=purple> > <a style='text-decoration: underline;' href="http://httpd.apache.org/docs/mod/mod_rewrite.html#RewriteCond,</font" target="_blank">http://httpd.apache.org/docs/mod/mod_rewrite.html#RewriteCond,</font</a>>

That's what I wanted to make sure.

 > Your current conditions do not redirect requests at port 4443 ...
 > ... using "RewriteCond %{SERVER_PORT} !^443$" is more accurate.

You are right . I must have overlooked the missing ^. But my apache
only listens to port 443 (and 80 of course) anyway.


Regards
Jens Meier<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Apache 1.3 no ssl for al single script 
Back to top
Login to vote
Display posts from previous:   
   Web Hosting Problem Solving Community! (Home) -> Apache All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]