Dear List I have just read this: http://www.zope.org/Members/beacon/install_instructions And I and a bit confused over this part: btw - the comments are mine. #Client is connection to www.foobar.net and we do the RewriteRule dance. ServerName foobar.net ServerAlias www.foobar.net # What the f..k ServerAlias outside <VirtualHost> !! ?? ServerAdmin admin DocumentRoot /var/zope-sites/FooBar/static CustomLog /var/zope-sites/FooBar/logs/access_log combined RewriteEngine on RewriteRule ^/images/ - [L] RewriteRule ^/(.*) http://127.0.0.1:8080/VirtualHostBase/http/foobar.net:80/MySites/FooBar/Virt ualHostRoot/$1 [P] # The intention with this part seems to be that if the client tries to connect to manage.foobar.net via http he is forced to use https. ServerName manage.foobar.net # ?? ServerName used as a condition? ServerAdmin admin RewriteEngine on RewriteCond %{SERVER_PORT} !443 RewriteRule ^/(.*) https://manage.foobar.net/$1 [P] # The client is connecting to manage.foobar.net via https and we do the usual RewriteRule dance. ServerAdmin admin DocumentRoot /var/zope-sites/FooBar/static CustomLog /var/zope-sites/FooBar/logs/access_log combined ServerName manage.foobar.net RewriteEngine on RewriteRule ^/images/ - [L] RewriteRule ^/(.*) http://127.0.0.1:8080/VirtualHostBase/https/manage.foobar.net:443/MySites/Fo oBar/VirtualHostRoot/$1 [P] SSLEngine on SSLCertificateFile /var/zope-sites/FooBar/conf/ssl/server.pub SSLCertificateKeyFile /var/zope-sites/FooBar/conf/ssl/server.key SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown How on earth is this supposed to work? AFAIK One cannot use ServerName as a condition the way it seems to be used here. All comments welcome! \Oliver --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002
It seems that: SSLEngine on SSLCertificateFile /var/zope-sites/FooBar/conf/ssl/server.pub SSLCertificateKeyFile /var/zope-sites/FooBar/conf/ssl/server.key SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown is a problem under normal http. Often you see this par of the SSL in a pair of <VirtualHost > </VirtualHost> \Oliver - which will continue to work on this problem.
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Oliver Marx Sent: 26. juli 2002 01:48 To: Zope mailinglist Subject: [Zope] Install Zope correctly
Dear List
I have just read this: http://www.zope.org/Members/beacon/install_instructions
And I and a bit confused over this part: btw - the comments are mine.
#Client is connection to www.foobar.net and we do the RewriteRule dance.
ServerName foobar.net ServerAlias www.foobar.net # What the f..k ServerAlias outside <VirtualHost> !! ?? ServerAdmin admin DocumentRoot /var/zope-sites/FooBar/static CustomLog /var/zope-sites/FooBar/logs/access_log combined RewriteEngine on RewriteRule ^/images/ - [L] RewriteRule ^/(.*) http://127.0.0.1:8080/VirtualHostBase/http/foobar.net:80/MySites/F ooBar/Virt ualHostRoot/$1 [P]
# The intention with this part seems to be that if the client tries to connect to manage.foobar.net via http he is forced to use https.
ServerName manage.foobar.net # ?? ServerName used as a condition? ServerAdmin admin RewriteEngine on RewriteCond %{SERVER_PORT} !443 RewriteRule ^/(.*) https://manage.foobar.net/$1 [P]
# The client is connecting to manage.foobar.net via https and we do the usual RewriteRule dance.
ServerAdmin admin DocumentRoot /var/zope-sites/FooBar/static CustomLog /var/zope-sites/FooBar/logs/access_log combined ServerName manage.foobar.net RewriteEngine on RewriteRule ^/images/ - [L] RewriteRule ^/(.*) http://127.0.0.1:8080/VirtualHostBase/https/manage.foobar.net:443/ MySites/Fo oBar/VirtualHostRoot/$1 [P] SSLEngine on SSLCertificateFile /var/zope-sites/FooBar/conf/ssl/server.pub SSLCertificateKeyFile /var/zope-sites/FooBar/conf/ssl/server.key SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
How on earth is this supposed to work? AFAIK One cannot use ServerName as a condition the way it seems to be used here. All comments welcome! \Oliver --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002 _______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Oliver Marx Sent: Thursday, July 25, 2002 7:48 PM To: Zope mailinglist Subject: [Zope] Install Zope correctly
Dear List
I have just read this: http://www.zope.org/Members/beacon/install_instructions
And I and a bit confused over this part: btw - the comments are mine.
How on earth is this supposed to work? AFAIK One cannot use ServerName as a condition the way it seems to be used here.
It's supposed to work when all the tiny, magical, invisible tags are included. No, really. Look at the source code for the page -- you'll see <Apache Directives> that your browser is interpreting as <html tags> and therefore not showing you. Might want to drop the nice author a note and suggest he edit source to turn those <Apache Directives> into <Apache Directives>. On the other hand, sometimes it's safest to just turn them into [Apache Directive], since you never know what other software will turn those back into brackets. (Same problem here. Our HTMLizing mailreader friends might not see secret messages like this <Your MUA Sucks. Giggle!>. If you didn't see that, look at the source of my message. You'll understand better :) ) - J.
participants (2)
-
Joel Burton -
Oliver Marx