Re: ssl/https question
by "Steve Mount" <steve(at)saltyrain.com>
|
| Date: |
Sun, 30 Dec 2001 00:40:36 -0500 |
| To: |
"Lyle" <Lyle(at)lcrcomputer.com>,
"Hwg-Servers List \(E-mail\)" <hwg-servers(at)hwg.org> |
| References: |
lcrcomputer |
| |
todo: View
Thread,
Original
|
|
Place the HTML file outside the web server's namespace, and access it only
via a CGI call. With Apache, for example, the namespace that is "/" is
really /usr/local/etc/httpd/htdocs. If the file is not in that directory,
it cannot be seen via an http or https call. But a CGI running on that
server has access to the whole directory structure, and can read from or
write to that file as needed. This may not be your answer, but might get
you thinking in the right direction...
-------------------------------------------------------------
Steve Mount, Software Engineer steve(at)saltyrain.com
Home Site http://www.saltyrain.com
US Constitution Online http://www.usconstitution.net
Free Your Soul http://www.anonymousconfession.com
----- Original Message -----
From: "Lyle" <Lyle(at)lcrcomputer.com>
To: "Hwg-Servers List (E-mail)" <hwg-servers(at)hwg.org>
Sent: Saturday, December 29, 2001 11:54 AM
Subject: ssl/https question
> I am setting up a new site on a secure server. Is there a way to prevent
a
> certain html page from loading via http vs. https? It's just a plain html
> page and the submit is a post to a cgi script and I want to prevent users
> from loading it via https although all links are to the correct https
page.
> Right now there is nothing to prevent anyone from pulling up the html page
> via http, if you know the url.
>
> This is residing on a Linux server running Apache 1.13.20, btw.
>
> Thanks,
> Lyle
HWG: hwg-servers mailing list archives,
maintained by Webmasters @ IWA