Hey Everyone,
I currently run phpbb and there is no facility to force SSL during
logins only - it's only full-time SSL or not. Because I have to encrypt
logins, I do the following in my .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
This essentially forces full-time SSL, which is kinda ok, but I'm
running into weird phpbb quirks (SSL write delays) so I'd like to try
and enable SSL only during logins.
Since it is difficult to manipulate the protocol section of the URL in
the phpBB code (http/https), I am thinking of appending a url variable
whenever a user is redirected to the logon page that would look like this:
https://mysite.com/forums/posting.php?mode=post&f=3&ssl=true
And my hope was that I could have the rewrite mod look at the url and
see if it contains ssl=true, and if so, force https.
Seem doable? I would think searching a URL should be pretty simple, but
I am not very well versed in regular expressions. I was hoping someone
could help me write the rewrite condition to search for a string.
Thanks!
Mike
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
