[horde] htaccess conflict
Frank Lienhard
frank at mclien.de
Tue Nov 15 21:02:47 UTC 2016
Just double checked and found out, that in this constellation the login
only works unencrypted but after the login you cab use an encrypted
connection.
Isn't that a rather bad way to do it? Shouldn't the login be encrypted?
On 11/15/2016 08:26 PM, Frank Lienhard wrote:
> I installed horde on an shared hosted platform.
> So now I end up with 2 .htaccess files:
> /var/www/virtual/<USERNAME>/html/.htaccess
> /var/www/virtual/<USERNAME>/html/horde/.htaccess
>
> The first one ist processed by the provider to work and is configured to
> force use of https.
> Unfortunately the .htaccess of the horde path renders that useless.
>
> It still works encrypted, but only if you explicitly use https:// in the
> URL.
>
> Since the .htaccess notes not to edit it, I have no idea how to fix this.
>
> Here are the rules of the non-horde .htaccess file:
>
> RewriteEngine On
> RewriteCond %{HTTPS} !=on
> RewriteCond %{ENV:HTTPS} !=on
> RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
>
> any hints are wellcome
>
> mclien
>
More information about the horde
mailing list