I have an 2.2 apache server with just 2 virtual servers, one for http and
one for https. The document root for the 2 is the same. I now need to
force users to use https for some parts of the site/tree as these will use
auth directives in .htaccess files. However, I cannot
figure out how to do this.
The pages in question need to be protected by an auth directive which I
presume needs to be in the .htaccess of the directory holding the
pages. I have tried various combinations of the below but have not
found a combination that will apply redirection (to the https version) only to
http requests
and authorisation only to https requests. I either get a redirection loop of
authentication being applied to the http request then redirecting to https and
requesting authentication again.
I have tried various combinations of the following:
redirects (which do not work as the 1st argument is the same for both http and
https - ends up looping)
rewrites (which force on to https but before they are applied the
.htaccess processing of the auth diretives cuts in and wants to collect
user and password information over http)
Googleing does not help.
Can anyone suggest any routes to solve the problem
Regards
Sat
