Bruce Coble
11-24-2002, 09:00 PM
Firstly, thanks to all for such a great forum :beer:
I have inherited administration of a RaQ4 & I am trying to set it up :bawling: We currently have 1 IP, which all of our name-based-domains use. I wanted to isolate one such domain (https://secure.mydomain.com.au) to be viewable only by https://secure.mydomain.com.au & not by http://secure.mydomain.com.au as well, which was originally the case with the default setup. (IMHO, this seems a most strange default setting - maybe I missed something obvious :cartman: )
Here's what I did (is this wrong?):
1. I altered the httpd.conf, adding Listen myIP:443 after Listen 80.
2. I commented out the while & if statements immediately following this bit:
"# O.K. What we bassically want to do is build up new section in the conf file
# for SSL sections.
3. I put this in as my VirtualHost directive:
<VirtualHost myIP:443>
ServerName secure.mydomain.com.au
ServerAdmin admin
DocumentRoot /home/sites/siteX/web
ServerAlias secure.mydomain.com.au
SSLengine on
SSLCertificateFile /home/sites/siteX/certs/certificate
SSLCertificateKeyFile /home/sites/siteX/certs/key
AliasMatch ^/~([^/]+)(/(.*))? /home/sites/siteX/users/$1/web/$X
AliasMatch ^/users/([^/]+)(/(.*))? /home/sites/siteX/users/$1/web/$X
TransferLog /home/sites/siteX/logs/access_log
ErrorLog /home/sites/siteX/logs/error_log
AddHandler cgi-wrapper .cgi
AddHandler cgi-wrapper .pl
AddHandler server-parsed .shtml
AddType text/html .shtml
</VirtualHost>
This worked fine :D I could assign a customer a directory of the secure domain, & if someone tried to access the URL using http:// instead of https://, it redirected them to our first-listed name-based-host in the conf file.
Unfortunately, when our other clients (all using the same IP) went to http://www.theirdomain.com.au/siteadmin to administer their sites, they got an "access is forbidden message" :bawling: . When I checked out the adm_error log, I saw lots of: "Directory index forbidden by rule: /usr/admserv/html/.cobalt/siteManage/" messages.
Can some one help me here? I want to have a domain on my RaQ4 that gives me SSL-only access without stuffing up the admin screens in the GUI. Can this be done?
I have inherited administration of a RaQ4 & I am trying to set it up :bawling: We currently have 1 IP, which all of our name-based-domains use. I wanted to isolate one such domain (https://secure.mydomain.com.au) to be viewable only by https://secure.mydomain.com.au & not by http://secure.mydomain.com.au as well, which was originally the case with the default setup. (IMHO, this seems a most strange default setting - maybe I missed something obvious :cartman: )
Here's what I did (is this wrong?):
1. I altered the httpd.conf, adding Listen myIP:443 after Listen 80.
2. I commented out the while & if statements immediately following this bit:
"# O.K. What we bassically want to do is build up new section in the conf file
# for SSL sections.
3. I put this in as my VirtualHost directive:
<VirtualHost myIP:443>
ServerName secure.mydomain.com.au
ServerAdmin admin
DocumentRoot /home/sites/siteX/web
ServerAlias secure.mydomain.com.au
SSLengine on
SSLCertificateFile /home/sites/siteX/certs/certificate
SSLCertificateKeyFile /home/sites/siteX/certs/key
AliasMatch ^/~([^/]+)(/(.*))? /home/sites/siteX/users/$1/web/$X
AliasMatch ^/users/([^/]+)(/(.*))? /home/sites/siteX/users/$1/web/$X
TransferLog /home/sites/siteX/logs/access_log
ErrorLog /home/sites/siteX/logs/error_log
AddHandler cgi-wrapper .cgi
AddHandler cgi-wrapper .pl
AddHandler server-parsed .shtml
AddType text/html .shtml
</VirtualHost>
This worked fine :D I could assign a customer a directory of the secure domain, & if someone tried to access the URL using http:// instead of https://, it redirected them to our first-listed name-based-host in the conf file.
Unfortunately, when our other clients (all using the same IP) went to http://www.theirdomain.com.au/siteadmin to administer their sites, they got an "access is forbidden message" :bawling: . When I checked out the adm_error log, I saw lots of: "Directory index forbidden by rule: /usr/admserv/html/.cobalt/siteManage/" messages.
Can some one help me here? I want to have a domain on my RaQ4 that gives me SSL-only access without stuffing up the admin screens in the GUI. Can this be done?