On 07/21/2014 12:19 AM, Peter Palfrader wrote:
> On Sun, 20 Jul 2014, Wouter Verhelst wrote:
>
>>>> These are all good arguments for enabling HTTPS and making it the
>>>> default (which I've said repeatedly is a move that I support, or at the
>>>> very least don't oppose), but not for *disabling* the possibility of
>>>> plain HTTP.
>>>
>>> Pray tell: How do you make it default.
>>
>> - Enable HSTS on the domain
>> - Run "sed -i -e 's,http://people.debian.org,https://people.debian.org,g'"
>> over a webwml export.
>> - Create a robots.txt file which is visible from the HTTP export (but
>> not from the HTTPS one) which looks like this:
>
> None of these brings people who type in people.debian.org into their
> browser to https.
This could be achieve with mod_rewrite and parsing the user agent:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^SomeBrowser/(.*)$
RewriteRule ^(.*)$ https://test.domain.com/$1 [L,R=302]
This could be implemented in the vhost directive, and makes HTTPS
mandatory for the user agent SomeBrowser, the HTTP being effectively not
reachable for it.
Thomas Goirand (zigo)
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53ccb2bb.6050...@debian.org
