[imp] secure connection only

Chris Crowley ccrowley@tulane.edu
Fri, 8 Dec 2000 08:51:48 -0600


> On Thursday 07 December 2000 16:57, Lars Hecking wrote:
> > Martin A. Marques writes:
> > > Is there an option in IMP to get all users to loging only using secure
> > > connections (https)?

> It's still a matter of server configuration.  I'm fairly sure that an
Apache
> Redirect clause can do all of that for you, and a hell of a lot faster
than
> thrashing around PHP redirects.
>
> CK

Are you using Apache 1.3.x ?

I just did this this morning, but it seems fine so far. In
/path/to/apache/conf/httpd.conf

Under the <IfDefine SSL> section, add:

<VirtualHost 129.81.118.5:80>
Redirect   /   https://your.host.org
</VirtualHost>

Putting the redirect in the main server has the unpleasant effect of a nasty
loop. Everytime you hit the https://url, you get redirected to it. The added
benefit is if you ever need to start apache without SSL, you don't have to
mess with the config to do it.