[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sheflug] Blocking http for just one directory?
Hello All,
I have a website with a CMS. The domain is on an apache server and is
accessible by both http (port 80) and https (port 443). One directory
"htdocs/panel/" contains a control panel, protected by .htpasswd
usernames and passwords.
I'd like to stop access to this directory on port 80 - so people can
view the rest of the website WITHOUT having to use https, but people
using the control panel HAVE TO use https.
Thus, the theory goes, naughty people can't listen in on the
username/password interactions and mess about with the control panel.
* Should I limit port 80 access using a <Directory> block in
vhosts.conf? How?
OR
* Should I limit port 80 access using directives in .htaccess? How?
OR
* Are neither of these approaches correct? In which case, what approach
should I take?
Thanks for your help.
Best,
James
=====
___________________________________________________________________
Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html
GNU the choice of a complete generation.