Re: apache and apache-ssl

To: <stormspotter@6texans.net>
Cc: <debian-user@lists.debian.org>
Subject: Re: apache and apache-ssl
From: <tallison@tacocat.net>
Date: Tue, 17 Dec 2002 15:07:48 -0500 (EST)
Message-id: <[🔎] 19300.198.208.6.35.1040155668.squirrel@gandolf.tacocat.net>
In-reply-to: <[🔎] 20021217134806.5bc50660.stormspotter@6texans.net>
References: <[🔎] 20021217134806.5bc50660.stormspotter@6texans.net>

> I'm somewhat confused about the configuration of apache and apache-ssl.
> I noticed that by default they both share the same document root,
> server root, and run under the same system user. I read about the
> different methods of authentication on the apache site, as well as
> .htaccess files, but didn't see a way to restrict access of certain
> pages to a secure connection only. Am I missing something or should I
> be setting up apache and apache-ssl to have separate document roots,
> server roots, and system users?
>

apache-ssl doesn't provide access restrictions.  It provides encrypted data.

You can still access all the web pages under apache-ssl, but no one can
sneak in and steal your information (credit cards) from what you POST to
the server.
If you are looking for access restrictions, then .htaccess is a start.

Not having the docs in front of me, I have to venture a guess that there
is a different configuration for http and https document roots that you
have to set up.

Reply to:

Follow-Ups:
- Re: apache and apache-ssl
  - From: Jacob S. <stormspotter@6texans.net>

References:
- apache and apache-ssl
  - From: Jacob S. <stormspotter@6texans.net>

Prev by Date: Re: Eterm title magic?
Next by Date: Re: HELP! dhcp server not talking to clients
Previous by thread: apache and apache-ssl
Next by thread: Re: apache and apache-ssl
Index(es):
- Date
- Thread