Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : Site with SSL, still reachable via http:// ?

[elspif]

I'm working on the SSL part of one of our sites. Eventually we'll buy a certificate but in the mean time I'm using a self signed certificate. It seems like the cobalt doesn't distuingish within a virtual site which files are secure (and so reachable via https://) and those files that don't have to be secure (reachable via http://)

The question is how to make the files that are meant to be only secure files not reachable via http://. For example https://sub.domain.com/ is reachable under http://sub.domain.com now.
I'm meaning to put a shop here that should only be accesable through the secure sockets of the SSL and never through the non secure http:// connection.

On our last server (virtual hosting using PLESK as admin) we had two direcotries in our account one for the non secure files called 'httpdocs' and one for the secure files 'httpsdocs' these were two completely seperate sites and completeley independant of each other.
Is there something like this I can do on the cobalt? Does any of you have experience with using SSL on a cobalt?

Another question is if we can put multiple certificates on the same cobalt. Our cobalt GUI started comlaining after trying to add a second one. Right now we only need one but I know in the future this could give problems. Do we need a new IP address for each seperate certificate?

Thanx heaps for you info...

[blacknight]

You can force a https connection via Apache's mod_rewrite or a .htaccess
Basically you force all connections not on port 443 to go to port 443

[elspif]

I could do that. But what if I wanted the http and https on the same domain name to just be two different sites...? Not just forwarding it to the https:// or the http://

I guess I could use mod_rewrite to check ports and then choose between two different virtual sites. One could be shop.domain.com the other www.domain.com with the shop being the secure domain. However this would mean extra costs for getting a certificate as I would need to get a wildcard certificate to alow for the subdomain name to be valid under the certificate.

Surely there must be a way to have http://www.domain.com and https://www.domain.com to point to two different directories on the cobalt.

Ehm if that's what you mean by using mod_rewrite, how would i do that? I don't use .htacces files i've disabled it; I just use the settings in access.conf so I could put it in there. I would still have to have two vitrual sites in cobalt right? And have one of them rewrite if it's not on port 443?

Why isn't this functionality in cobalt by default? Is this some advanced feature I'm getting into. It seems pretty standard to me... how do others normally do this?

thx again for your help

[blacknight]

Presuming that your directory structure has some logic you would probably put the SSL secured files in a sub-directory, which could be secured with a .htaccess trick

[elspif]

The trick in the .htaccess would be a rewrite rule?

[paulgt]

Quote:

Originally posted by elspif
I guess I could use mod_rewrite to check ports and then choose between two different virtual sites. One could be shop.domain.com the other www.domain.com with the shop being the secure domain. However this would mean extra costs for getting a certificate as I would need to get a wildcard certificate to alow for the subdomain name to be valid under the certificate.

You dont need to buy a wildcard to secure a sub domain. You can purchase a single cert for shop.domain.com .

Wildcards are for securing multiple subdomains, but if you only have 1 sub domain, you dont need a Wildcard.

This may help you make the right decision over config.