> Am Mi, den 16.02.2005 schrieb Nathaniel Hall um 17:59: > >> | I have a fc3 system that works well. My question is how to make the >> | system's web service available only to https, but not to regular http? >> | i.e. people can browse this system only using https://my-server, but >> not >> | http://my-server? I tried to not open port 80, but only port 443 in >> | iptables, but it seems no effect, http://my-server is still working. > >> | Hongwei Li > >> RewriteEngine On >> RewriteCond "%{SERVER_PORT}" "^80$" >> RewriteRule "^(.*)$" "https://%{SERVER_NAME}$1"; [R,L] >> >> That will rewrite the address from http://whatever to https://whatever. > >> Nathaniel Hall, GSEC > > Why that complicated? I understand the question in a way, that no HTTP > should be possible and just HTTPS - globally, for the whole Apache web > server. > > In the /etc/httpd/conf/httpd.conf find the line > > Listen 80 > > (or the equal one if you did modify the default, i.e. by binding to a > specific IP) and comment it to be > > # Listen 80 > > If having the /etc/httpd/conf.d/ssl.conf active and there "Listen 443", > then the Apache is bound to only HTTPS port. > > Alexander > > Yes, it works. Thanks for help! Hongwei
