Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

I did it! Now, has anyone figured this out yet?

Status
Not open for further replies.
wlwoman

wlwoman

Technical User
Jul 8, 2001
133
0
0
US
Got my new server last weekend and set up RH 7.3 because I still haven't figured out how to get SSL the way I want it with RH 8.0.... Scavenged my old secure server and rebuilt my former main server as my new (faster) secure server.

I run online stores that do credit card transactions. Server A is the webserver which mounts directories from Server B which is the secure server. Setting up Server B as secure using RH 8.0 is no problem. I just don't want all of Server A to be secure and haven't figured out how to make only the directories I select be accessible as https: URL's. Has anyone done this with RH 8.0? Would love to spend some time this weekend playing around with it and getting 8.0 everywhere if I can swing it!

Can I install 8.0 on my main server without SSL and mount files from the secure server and still make it work? I dunno......
 
Sort by date Sort by votes
You should post this question in the APACHE forum, RedHat is not your webserver, you are serving your pages using APACHE on a RedHat GNU/Linux box ;)

 
Upvote 0 Downvote
I'm not sure it's Apache that cares where I set things up, but RH 8.0 has changed the directory/file config structure to the point where what's worked on the past few versions no longer does. This is a problem that arose only after the new version of RH was released, so I posted it here.

It's also posted there :)
 
Upvote 0 Downvote
Try viewing/editing the /etc/httpd/conf/ssl/ssl.default-vhost.conf file. I'm not sure what you mean about some directories being secure and some not, usually a whole web site or IP is set as secure or not. You might need to do something with <Directory /path/to/secure/area>
(directives)
</Directory>
to pick which directories are allowed to be part of secure or not secure server portions.

Seems like good security would dictate you have everything on the one server secure only.


Also seems like you 'should' be able to just use your configuration files from old web server on new one unless you've switched to apache2.
 
Upvote 0 Downvote
Because the configuration for SSL vhosts has been removed from the httpd.conf file and placed in the ssl.conf file, the old configuration just wouldn't fit!

The majority of each website doesn't need to be secured, and the decision to split the security worked out well with 7.3...I'm really only interested in securing the actual order process from the online order form to the end. Heavy use of graphics in some sites resulted in issues with SSL that I didn't need to deal with, so I removed graphics from the secure sections and left everything else intact.

It is, in fact, a moot point for the moment since I got tired of spending so much time trying to get something to work in 8.0 that I already had configured in 7.3 - so back to 7.3 went all the servers. I may try an upgrade again once I get a handle on just how to set up the durn security!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Question
How Do I Start/Stop Systemd Services as a non-root User?
Replies
2
Views
208
gbaughma
gbaughma
spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
65
spamjim
spamjim
Steve Bowman
  • Locked
  • Question
I have a Debian server (buster) I h
Replies
0
Views
40
Steve Bowman
Steve Bowman
Tosu
  • Locked
  • Question
hi .. i have installed linux sle
Replies
1
Views
63
ChrisHirst
ChrisHirst
hobbytech
  • Locked
  • Question
Internet not connecting
Replies
5
Views
77
Stephen_Hawk
Stephen_Hawk

Part and Inventory Search

Sponsor

Back
Top