www.webdeveloper.com
Results 1 to 2 of 2

Thread: Mod-Rewrite to ssl: Secure?

  1. #1
    Join Date
    Jul 2003
    Posts
    259

    Mod-Rewrite to ssl: Secure?

    I just bought a hosting account with inmotionhosting.com and they offer a free shared ssl certificate. However, the address I have to point the browser to cannot be https://mysite.com. It must be something like https://secure.inmotionhosting.com. I don't really want the address in the addressbar to show a name other than my domain name so I thought of a workaround but am not sure if it would be secure.

    What if I pointed the browser to somewhere like http:mydomain.com/secure and had an entry in an .htacces file within that folder that rewrote the address to the secure inmotion address. Would this provide the same level of security, or would the information I'm trying to secure be sent to the server over an insecure connection before the rewrite occured?

    Thanks

  2. #2
    Join Date
    Jul 2003
    Posts
    259
    I've done some further research and found that this rewrite works so that if I enter domain.com/secure, the browser is sent to the secure page:

    Code:
    RewriteEngine On
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^(secure)/* https://secure.inmotionhosting.com/test.php
    But I have three questions:

    The important one: Does this offer the same level of encryption of data sent to the server as would be present by simply pointing the browser to the secure server in the first place.

    The others
    1. Whenever I've used a rewrite rule before the address typed in the location bar never changed and the information from the page the user was redirected to was just shown. However, in this case, the secure location is actually shown in the address bar. Is there a way to force the redirection while allowing the address bar to say domain.com/secure

    3. Is there a way to have a redirect rule that allows the user to type https://domain.com and it redirect to the actual secure location without the browser going crazy and claiming that the site is probably fraudulent?

    Thanks

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles