Hi...!! Very, very, very well !!! I installed and setup the VirtualSiteRoot product, which is really very simple to setup, and now it works really well, and without any complex rewriting or access rule !! From now, I can access my 'public' site through HTTP or HTTPS, and I HAVE to use HTTPS to access management interface. The only potential problem could be with management pages which don't use 'manage*' naming convention, but until now I didn't encoutered any one with well written products... For interested users, I can send my Apache rewriting rules on simple mail request... Thank you very much for your help ;-))) Thierry On 22.02.2002 - 09:24 Frank Tegtmeyer wrote:
"Thierry Florac" <thierry.florac@onf.fr> writes:
I'd like to let users access my Zope web site normally through HTTP, but make my Zope management screens (in fact, any URL containing '/manage') only available through HTTPS.
We (still) don't use virtual host monster, but virtual site root instead (http://www.zope.org/Members/comlounge/vsr/).
In Apache you can do something like this:
RewriteRule ^.*/manage(_.*|())$ - [forbidden]
Please be aware that there may be products that don't use the 'manage' convention. So this rule doesn't restrict all possible management screens.
At the SSL server no special handling of management screens is necessary.
Regards, Frank -- CTO fte@Lightwerk.com http://www.Lightwerk.com/ Fax: +49-2434-80 07 94 Phone: +49-2434-80 07 81 Lightwerk GmbH * An der Kull 11 * 41844 Wegberg * Germany Besuchen Sie uns auf der CeBIT: Halle 6, Stand F68 / 595