[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sheflug] Blocking http for just one directory?



Hello All,

I have a website with a CMS. The domain is on an apache server and is accessible by both http (port 80) and https (port 443). One directory "htdocs/panel/" contains a control panel, protected by .htpasswd usernames and passwords.

I'd like to stop access to this directory on port 80 - so people can view the rest of the website WITHOUT having to use https, but people using the control panel HAVE TO use https.

Thus, the theory goes, naughty people can't listen in on the username/password interactions and mess about with the control panel.

* Should I limit port 80 access using a <Directory> block in vhosts.conf? How?
OR
* Should I limit port 80 access using directives in .htaccess? How?
OR
* Are neither of these approaches correct? In which case, what approach should I take?

Thanks for your help.

Best,

James
=====
___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

GNU the choice of a complete generation.