Redirecting access in Apache to https://
tom hanlon
tom at functionalmedia.com
Tue Jun 1 01:00:42 EDT 2004
>>>
>>> How about
>>>
>>> http://httpd.apache.org/docs/mod/core.html#errordocument
>>>
>>> ErrorDocument 301 https://...
>>>
>> Sorry, that should be 403 not 301.
>>
>>
> That looked interesting. The main problem I saw with trying something
> like
> that was any 403 would send you to that single page then. We actually
> have a
> couple of different pages where SSL would be required.
>
>
Probably counts as abuse of of the ErrorDocument directive but I do see
ways of making this work.
ErrorDocument 403 https://example.com/phpredirector.php
And then phpredirector should be able to grab the referrer from the
request and that should be the page requested.
phpredirector would rewrite that to make it https. Then phpredirector
would send a Location header with the secure page.
The browser may choke on two redirects, but I imagine it would work
just fine.
Of course mod_rewrite makes more sense is cleaner and the like. But
hacking ErrorDocument to a script that redirects for you is certainly
an option. Actually if the pages you are securing are php scripts or
perl scripts for that matter a redirect from within those pages is
possible. Sloppy maybe but possible just the same.
More information about the colug
mailing list