SSL

Forum to discuss the Web client version of Servoy.

Re: SSL

Postby stevek » Fri Mar 15, 2013 5:04 am

Sebster,

Thanks! So to try to understand the first suggestion, I'd revamp my system to have all vhosts on https creating a virtual server of nb1.region1tasc.org/egroupware and a second as nb1.region1tasc.org:8080 ?

I would block port 80 and run all as SSL but maintain two separate vhosts?
stevek
 
Posts: 53
Joined: Thu Jan 25, 2007 7:19 pm

Re: SSL

Postby sebster » Fri Mar 15, 2013 10:22 am

By different virtual hosts I mean different hostname. nb1 and nb2 for example. I wouldn't use different ports, ports are annoying to have to publish to customers and non-standard ports are often blocked.

I can't really tell what your site is and what your servoy is. But normally you cannot publish two different sites in one directory, i.e., if your website resides under / and your servoy resides under /, you have a problem.
So you can move one of them to a subpath, your site or your servoy, or both. Thus you could have nb1.region1tasc.org/site/... and nb1.region1tasc.org/ for servoy, or you could have nb1.region1tasc.org/servoy/... and nb1.region1tasc.org/ for your site, or you could have nb1.region1tasc.org/site/... and nb1.region1tasc.org/servoy/..

I don't know what egroupware is in your post. Is it your site or is it servoy?

Anyway, I can recommend you read the online manual pages on apache mod_proxy because it tells you all the options.

Also I wouldn't block port 80, but I would automatically redirect it to port 443 using mod_rewrite (see the mod_rewrite manual pages. Use something like this:

# Redirect everything to SSL
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Sebastiaan van Erk
Servoy
sebster
 
Posts: 251
Joined: Thu Apr 24, 2003 10:03 am
Location: Utrecht, The Netherlands

Re: SSL

Postby stevek » Sat Mar 16, 2013 6:29 am

sebster,

Thanks a bunch!
One question, where do I put the RewriteEngine? in httpd.conf or ssl.conf?

Thanks again!
stevek
 
Posts: 53
Joined: Thu Jan 25, 2007 7:19 pm

Re: SSL

Postby sebster » Sat Mar 16, 2013 12:04 pm

The files in which configuration is put has nothing much to do with the actual structure of the configuration (in other words, what files you put stuff in is completely up to you).

If you look at the documentation for mod_rewrite it tells you where you are allowed to put the RewriteEngine directive: http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html, namely Context: server config, virtual host, directory, .htaccess.

That said, I usually put it in the virtual host.
Sebastiaan van Erk
Servoy
sebster
 
Posts: 251
Joined: Thu Apr 24, 2003 10:03 am
Location: Utrecht, The Netherlands

Re: SSL

Postby stevek » Sun Mar 17, 2013 3:25 am

sebster,

So bottom line is,,, i really need to have a second FQDN for servoy and not use the same one. My plan was to have https://mysite.com and one and https://mysite.com:8080 as the second. However, by re-reading your posts, I will actually need to buy another (unique) FQDN. Such as https://myservoysite.com to point servoy to and leave the mysite.com as the apache.
Am I finally understanding your posts?
stevek
 
Posts: 53
Joined: Thu Jan 25, 2007 7:19 pm

Re: SSL

Postby sebster » Sun Mar 17, 2013 11:51 am

Hi,

It really depends on what you want. You can do any number of things:
- https://mysite.com https://mysite.com:8443 (8080 is standard http-alt, which is non-ssl)
- https://mysite.com https://mysite.com/servoy
- https://mysite.com https://myservoysite.com
- https://mysite.com/site https://mysite.com
- https://mysite.com and https://mysite.com (if none of the relevant url's collide between the site and servoy).

There's pros and cons for each of them, it really depends on what you want and need.
Sebastiaan van Erk
Servoy
sebster
 
Posts: 251
Joined: Thu Apr 24, 2003 10:03 am
Location: Utrecht, The Netherlands

Previous

Return to Servoy Web Client

Who is online

Users browsing this forum: No registered users and 4 guests

cron