logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: how to make apache only use https
Author
pearsont74



Joined: 30 Oct 2007
Posts: 2

PostPosted: Tue 30 Oct '07 16:38    Post subject: how to make apache only use https Reply with quote

ok...i have a working site on windows 2k with the latest apache + mod_ssl +openssl.
I have a valid ssl cert installed and its all working great but it is accessible via http too....how can i fix this?

if i change the listen port to only 443, apache wont start.

any thoughts...i can post the config file is needed.

heres the site:
https://ftp.nbasaudits.com/
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Wed 31 Oct '07 1:54    Post subject: Reply with quote

Just a thought but no promise, you may be able to use RedirectMatch. Apache, at least my 2.2.6 adds an extra evironment variable when it is being used in SSL mode, In theory, add a redirect that if said environment variable is not found to redirect to https://whathaveyou

A way I have done it in the past is have a VHost that matched subdomain for port 80 with DirectoryIndex directive set to point to a perl script that just has two lines .. make that three

#!/usr/bin/perl
print "Location: https://whathaveyou
exit 0;

Now, for those who are going to point out that in Windoze perl is located in c:/perl/bin/perl .. my answer to that is true, if you install in default location. Install in c:\usr and you never have to change the shebang in a script for the rest of your life. At least I've been doing this for 10 years now.
Back to top
fax



Joined: 05 Feb 2007
Posts: 24

PostPosted: Wed 31 Oct '07 7:43    Post subject: Reply with quote

You cannot do that in Apache itself. However you can use a firewall to only allow port 443 access yo your server.

By the way, you should hide your FULL Server Token and php existance.

This can be done via changing default.conf, the ServerToken option from Full to Prod.

From php.ini, change expose_php from On to Off.

Restart apache and people won't know you have php running from your http response header and what platfrom your apache runs on also from http response message.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Wed 31 Oct '07 10:42    Post subject: Reply with quote

You can disable your vhost on port 80 if there is one.
Else comment out the # Listen 80

That apache don't start if you change Listen 80 to Listen 443 is because there must be a Listen 443 elsewhere in your httpd.conf or in an include. I guess there is a Listen 443 next to the ssl vhost.
Back to top
pearsont74



Joined: 30 Oct 2007
Posts: 2

PostPosted: Wed 31 Oct '07 14:24    Post subject: Reply with quote

James Blond wrote:
You can disable your vhost on port 80 if there is one.
Else comment out the # Listen 80

That apache don't start if you change Listen 80 to Listen 443 is because there must be a Listen 443 elsewhere in your httpd.conf or in an include. I guess there is a Listen 443 next to the ssl vhost.


i knew it was something simple...thanks and that worked nicely.
Back to top


Reply to topic   Topic: how to make apache only use https View previous topic :: View next topic
Post new topic   Forum Index -> Apache