[BlueOnyx:18616] Re: Force SSL
Maurice de Laat
mdlaat at muisnetwerken.nl
Thu Nov 5 00:39:57 -05 2015
Michael Stauber schreef op 28-10-2015 16:20:
> Hi Maurice,
>
>> But would it be possible to have a new option in the GUI, per vsite,
>> that automagically redirects
>> http://vsite/whatever
>> to
>> https://vsite/whatever
>
> Yeah, go with what Chris said.
>
> Using the .htaccess is one way. Another is to turn on HSTS, which will
> force all Sites to use SSL (if they have SSL enabled). You can find
> that
> under "Server Management" / "Network Services" / "Web".
HSTS will indeed force all vsites, which is not what I seek.
Using .htaccess is a possibility, but I am now confronted with a site
that asks for credentials (using mod_auth), and the only way I could
make apache redirect to ssl before asking for the credentials was to
mess around in the virtual host container.
I would rather have BlueOnyx and BlueOnyx only to modify the virtual
host container, which led me to the question.
And yes, SSL involves slowdowns. Much true (although I have plenty of
processor-capacity available). Is that a reason for not having such an
option in our GUI? I don't think so. After all, there is also an option
to have apache do hostname lookups, which also is a guarantee for server
slowdown :-)
--
Maurice de Laat
More information about the Blueonyx
mailing list