Jump to content
The Uniform Server Community

HTTPS webpage


jeret
 Share

Recommended Posts

The key here is httpS. That implies that the page is secured via SSL (or its other name, TLS). I see that we probably should create a Wiki article on this....

 

Assuming that you have already set up your ssl certificates, either by creating the "fake" self-signed cert or by actually obtaining a cert from a third party. By running the certificate installation procedure, you will have activated the secure vhost (which is actually what it is). This makes it so that http requests are served from www directory and https request are served from the ssl directory.

 

Now all you need to do is put your secure goodies in the ssl directory tree, and the non-secure in the regular www tree.

 

Clear? Simple? Yeah... One potential annoyance is with mixed content pages. If you can keep everything in the ssl tree, you'll avoid this. The hit on processor usage nowadays is nominal (you've retired the old Pentium III host?).

 

Last point: I have "cleaned up" the index.php files for www and ssl for Coral-8.1.1, and they look almost the same internally as well as externally. You might want to download these. They'll be included in the next Coral update, but for a while I'll have them available here. Coral_811a.7z.txt Be sure to delete the .txt before un7zipping.

 

Regards,

BobS

Link to comment
Share on other sites

Okay,

SSL has been available in The Uniform Server since 4-Mona, so this applies to all versions. If you look at the directory tree, you'll see that there is a www folder AND an ssl folder. A request for http:/mysite/index.html (on port 80) to Apache is directed to the www folder, and if the file is there, it is used for the reply. Similarly, a request for https:/mysite/index.html (on port 443 )is directed to the ssl folder, and if the file is there, it is used for the reply.

 

Look at this article in the Wiki: http://wiki.uniformserver.com/index.php/Coral:_apache_ssl and the following articles for much more detail. It's what you should have read first. :blink: BTW, ALL this information is included in the docs directory distributed with Coral. But who needs/reads the manual?

 

The ONLY difference between these two is that the ssl traffic requires a secure connection on port 443, which is automatically handled by the browser and the server.

 

So you've got me into test mode. Normally I don't set up ssl on my test servers, but to prove this out, I'm going to install a copy of WordPress in ssl instead of www, and see just what results I get.

 

If what I see and say are valid, then the ONLY difference will be that this particular copy of WP will ONLY be available via https:// on port 443.

 

Stay tuned.... :)

 

Regards,

BobS

Link to comment
Share on other sites

Hot DOG!!

I just love it when something works as it was intended!

 

I now have a new instance of WordPress running on https://localhost/wordpress/ See the picture: Secure_.JPG

 

Clarke's Third Law: "Any sufficiently advanced technology is indistinguishable from magic."

There's actually nothing magic about it when it's been explained.

 

Regards,

BobS

Link to comment
Share on other sites

That's essentially what we have in The Uniform Server documentation!

 

If you have a copy of 8-Coral loaded, go to UniServer/docs/English/apache_free_server_cert.html , or go to http://wiki.uniformserver.com/index.php/Co...ree_server_cert (they're essentially the same).

As we engineering-types like to say, RTFM! :blink:

 

We also suggest using startssl.com as the supplier. A free certificate will get you past the problem of browser security alerts, but doesn't offer any deep assurance to your users about your site. In other words, don't use this type of certificate for a server that's going to be doing e-commerce or working with the general public. It's fine for your small circle of friends, or for side development and software testing.

 

Regards,

BobS

Link to comment
Share on other sites

Well, yeah, but you're missing out on security updates and a lot more.

Don't even THINK of putting Nano open to the Internet! There are too many security holes that need to be filled.

 

Regards,

BobS

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...