| View previous topic :: View next topic |
| Author |
Message |
jtp755
l33t
Joined: 01 Sep 2003
Posts: 691
Location: USA
|
 Posted: Sun Nov 09, 2003 4:38 am Post subject: acid running only in ssl? |
 |
|
How can i setup ACID to only run when connected to through ssl? I have searched but havent found anything but i may have missed something. TIA
_________________
www.EternalFireProof.com
Registered Linux User #334610 |
|
| Back to top |
|
 |
eagle_cz
Apprentice
Joined: 06 Jun 2003
Posts: 214
|
| Posted: Sun Nov 09, 2003 10:57 am Post subject: |
|
|
| its not related to acid, you must run acid`s page in SSL mode, whitch must be set on your Apache |
|
| Back to top |
|
|
jtp755
l33t
Joined: 01 Sep 2003
Posts: 691
Location: USA
|
| Posted: Sun Nov 09, 2003 12:14 pm Post subject: |
|
|
yeah, i know thats what i was tryin to ask. it was kinda late when i wrote it  But how would i go about setting it in apache? Define a vhost or what?
_________________
www.EternalFireProof.com
Registered Linux User #334610 |
|
| Back to top |
|
|
puke
Tux's lil' helper
Joined: 05 Oct 2002
Posts: 128
|
| Posted: Mon Nov 10, 2003 10:25 am Post subject: |
|
|
| jtp755 wrote: | | But how would i go about setting it in apache? Define a vhost or what? |
If you are hosting more than your own domain, you will need to use a vhost configuration. See the apache docs, c'mon man, we can't do all the work for you.  If you still have problems post back here with the error messages. |
|
| Back to top |
|
|
jtp755
l33t
Joined: 01 Sep 2003
Posts: 691
Location: USA
|
| Posted: Mon Nov 10, 2003 9:01 pm Post subject: |
|
|
no i dont use vhosts. yeah. i have been searching around. thats why i havent posted. Would it be better to setup a password to access the dir like is described here:
http://httpd.apache.org/docs-2.0/howto/auth.html under Getting it working? or would it be better to: | Quote: | How can I create an SSL server which accepts all types of ciphers in general, but requires a strong ciphers for access to a particular URL?
Obviously you cannot just use a server-wide SSLCipherSuite which restricts the ciphers to the strong variants. But mod_ssl allows you to reconfigure the cipher suite in per-directory context and automatically forces a renegotiation of the SSL parameters to meet the new configuration. So, the solution is:
# be liberal in general
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
<Location /strong/area>
# but https://hostname/strong/area/ and below
# requires strong ciphers
SSLCipherSuite HIGH:MEDIUM
</Location> |
from: http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html?
Ultimately i want ONLY me to be able to access that dir/file to view whats going on. So thats why i was thinking about the dir access thing. What do yall think? Or is there a better way than what i have posted?
_________________
www.EternalFireProof.com
Registered Linux User #334610
Last edited by jtp755 on Mon Nov 10, 2003 11:06 pm; edited 1 time in total |
|
| Back to top |
|
|
jtp755
l33t
Joined: 01 Sep 2003
Posts: 691
Location: USA
|
| Posted: Mon Nov 10, 2003 11:02 pm Post subject: |
|
|
i have the directory password thing working but i still cant get it to only open through SSL. i want it where if i go to it through SSL it works and if i goto it through regular http it will default to my homepage(not going to the ACID page).
Also on the password part...is there a way to make it ask for a password everytime? Digest doenst work as AuthType.
_________________
www.EternalFireProof.com
Registered Linux User #334610 |
|
| Back to top |
|
|
jtp755
l33t
Joined: 01 Sep 2003
Posts: 691
Location: USA
|
| Posted: Wed Nov 12, 2003 12:48 am Post subject: |
|
|
error messages...there are none! All i want is acids page to be only viewable/accessible by me or whoever i give permission to and it only run through SSL thats all. i have searched everywhere and havent found any help.
_________________
www.EternalFireProof.com
Registered Linux User #334610 |
|
| Back to top |
|
|
puke
Tux's lil' helper
Joined: 05 Oct 2002
Posts: 128
|
|
| Back to top |
|
|
jtp755
l33t
Joined: 01 Sep 2003
Posts: 691
Location: USA
|
|
| Back to top |
|
|
|
Networking & Security
