[Gllug] Securing zope with apache-ssl
Bruce Richardson
itsbruce at uklinux.net
Mon Jun 7 16:03:40 UTC 2004
On Mon, Jun 07, 2004 at 01:37:07PM +0100, Jim wrote:
> Further bumbling later I arrived with this recipe for my virtuals file.
>
> <VirtualHost 217.158.120.148:443>
> ServerName freesolutions.net
> DocumentRoot /www/freesolutions.net/htdocs/zope
> SSLEngine on
> SSLCertificateFile /etc/ssl/new/vince_server.crt
> SSLCertificateKeyFile /etc/ssl/new/vince_server.key
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> #RewriteEngine on
> # Do not allow use of the Zope management interfaces.
> RewriteCond %{REQUEST_URI} manage
> RewriteRule manage - [F]
> RewriteRule ^/(.*)
> http://localhost:9673/freesolutions/https/freesolutions.net:443/freesolutions.net/htdocs/zope/$1
> [P,L]
> </VirtualHost>
In future, Jim, it might be wiser to obscure some of the details before
publishing your configuration alongside such admissions as
> Anyone got an ideas as to why it will not work, I confess my knowledge
> of zope and mod_rewrite are practically negligible and apologise for any
> stupid mistakes.
It's practically an invitation to be cracked.
--
Bruce
I am now a little wary of bananas.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20040607/06659c9e/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list