[ic] Forcing SSL on a particular page
Daniel Davenport
ddavenport at newagedigital.com
Tue Jul 20 10:33:30 EDT 2004
> -----Original Message-----
> From: interchange-users-bounces at icdevgroup.org
> [mailto:interchange-users-bounces at icdevgroup.org]On Behalf Of Ethan Rowe
> Sent: Thursday, July 15, 2004 2:47 PM
> To: interchange-users at icdevgroup.org
> Subject: [ic] Forcing SSL on a particular page
>
>
> Hi, all.
>
> I'm finding this surprisingly undocumented, or else I just missed it.
> In any case, what's the best approach to force a particular page, or set
> of pages, to use SSH (on Interchange 4.8.7)? I've tried the
> "AlwaysSecure" catalog directive, which seems to make all links to
> specified pages use the secure server root, but the pages are still
> accessible with standard HTTP as well if you just type the URL in
> manually?
>
> Is it best to just bounce them to the same page with HTTPS protocol if
> they try to access the page unencrypted? I'm not crazy about bounces
> but this seems like a simple solution.
>
> If this question has been asked and answered a million times before, I
> humbly apologize and seem to have failed in my search of the archives.
(Sorry for taking so long to reply....someone seems to have switched mail
servers without telling me. :P I haven't had mail for about 4 days.)
According to the docs, the "ExtraSecure" directive cuts off access to
AlwaysSecure'd pages unless the browser is using HTTPS. Use it like this...
ExtraSecure yes
...and hope that that hasn't changed. :)
/me
More information about the interchange-users
mailing list