Working of attribute "protocol" the <Listen> directive
Interested in how it should respond directive <Listen>, given the attribute "protocol".
If to trust documentation Apahce, this attribute is required, for example, to specify the use of SSL on a non-standard port. The problem is that setting this parameter has no effect.
I try to do the following: set "Listen 81 https" + off SSL (SSLEngine Off) + turn to host http://***.**:81 = all working well, but in the idea of "​​protocol" attribute directive <Listen>, should not work.
The converse is also true: set "Listen 81 http" + on SSL (SSLEngine On) + turn to host https://***.**:81 = all working well, but in the idea should not work. Thus, as I understand it, it turns out that the server does not process the attribute "protocol".
In this regard, there are two issues:
1. how should the server to respond to the "protocol" attribute directive <Listen>? How to use this attribute?
2. how to forbid, for example, the use of http on a specific port? So that when you contact the host to enable SSL protocol is either http redirect to https, or refusal to open the site (but not error 400)?
[edited by: phranque at 4:05 am (utc) on Jul 14, 2013]
[edit reason] unlinked url [/edit]
welcome to WebmasterWorld, maxarturo!
|1. how should the server to respond to the "protocol" attribute directive <Listen>? How to use this attribute? |
where are you specifying these directives?
note they are only effective in server configuration context so this won't work in your .htaccess file.
|2. how to forbid, for example, the use of http on a specific port? So that when you contact the host to enable SSL protocol is either http redirect to https, or refusal to open the site (but not error 400)? |
i think what you are requiring is a redirect to the proper protocol.
Here's a "standard" set-up to take care of SSL-to-non-SSL, non-SSL-to-SSL and non-canonical hostname request redirects:
(adjust the example code for your specific port configuration)
|where are you specifying these directives? |
|i think what you are requiring is a redirect to the proper protocol. |
The problem is that no one I know of a way to redirect does not work here. Nor Rewrite, nor Redirect, nor SSLRequire.
Only disposition the configuration in which the redirection works - it's twice the description of the virtual host IP:81, when there is only one type of redirection Redirect 303 / https://host:81/, and the other has been described SSL and everything else. And with such a config file transfer request is really going http()://host.ru:81 to http(s)://host.ru:81, but the node itself is not open to fail. In all other configurations, the redirection does not work - there is a 400th error.
Can you give an example of your code, please?
Personally, I think I would use:
Then in the httpd.conf or .htaccess of the specific site I'd redirect from whatever protocol was used for the request (http/https) to the one I wanted to be used, but I'm a bit confused by your wording, so I'm not exactly sure what you're asking for.
My basic thought on this is:
Listen for incoming http/https requests on the port you want to use, then use the httpd.conf or .htaccess file to redirect to the protocol you want to be used rather than trying to force the protocol with the Listen itself.