EPrints Technical Mailing List Archive
See the EPrints wiki for instructions on how to join this mailing list and related information.
Message: #05189
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
[EP-tech] Re: repos with a mix of HTTP and HTTPS
- To: "eprints-tech@ecs.soton.ac.uk" <eprints-tech@ecs.soton.ac.uk>
- Subject: [EP-tech] Re: repos with a mix of HTTP and HTTPS
- From: Matthew Kerwin <matthew.kerwin@qut.edu.au>
- Date: Mon, 30 Nov 2015 05:02:36 +0000
For those interested in this topic, it turns out that EPrints::Apache::apache_secure_conf generates a <Location "$https_root"/> block which includes the EPrints_ArchiveID variable. However if $https_root ne $http_root, there is no equivalent block (or EPrints_ArchiveID variable) for the "$http_root" location. So HTTPS requests to locations under $http_root (but not $https_root) are not handled by EPrints. I’ve logged this as https://github.com/eprints/eprints/issues/366 and will start exploring the fix (straight-forward) and potential implications (not so straight-forward.) Cheers -- Matthew Kerwin | QUT Library eServices | matthew.kerwin@qut.edu.au From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Matthew Kerwin Hi EPrintsers, I have a query about serving a repository with a mix of HTTP and HTTPS. Currently our two repositories have a pretty standard setup: the bulk of the site is served over plaintext HTTP, including untrusted session cookies. Secure/administrative functions are served over HTTPS. We want to reconfigure the server to use HTTPS for the entire site (for various reasons, Google search rankings high amongst them.) However we want to retain the option of plaintext HTTP access so that some less modern external indexers and crawlers can continue to do their thing. I should point out that our primary repository predates EPrints 3.2, and likely includes a bunch of legacy features and obscure customisations, so what I’m describing may be available out of the box with a fresh install but lost to us personally. However if not, does anybody have any experience doing what I’ve described? Do you have any pointers on what to en/disable in config, or what to tweak (and where) to make the entire site HTTPS-by-default while retaining the option for standard HTTP browsing of “insecure” content? Cheers -- Matthew Kerwin | Senior Web Developer | Applications & Development Team | Library eServices | Queensland University of Technology | Level 3, R Block, Kelvin Grove | matthew.kerwin@qut.edu.au | CRICOS No 00213J |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- References:
- [EP-tech] repos with a mix of HTTP and HTTPS
- From: Matthew Kerwin <matthew.kerwin@qut.edu.au>
- [EP-tech] repos with a mix of HTTP and HTTPS
- Prev by Date: [EP-tech] Re: Citation count plugin
- Next by Date: [EP-tech] Re: Different amount of entries
- Previous by thread: [EP-tech] Re: repos with a mix of HTTP and HTTPS
- Next by thread: [EP-tech] Creative commons
- Index(es):