EPrints Technical Mailing List Archive
See the EPrints wiki for instructions on how to join this mailing list and related information.
Message: #06795
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- To: eprints-tech@ecs.soton.ac.uk
- Subject: Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- From: Matthew Kerwin <matthew@kerwin.net.au>
- Date: Fri, 25 Aug 2017 19:39:35 +1000
Hi Tomasz,
In the non-secure virtual host, the following line will redirect all traffic.
This will redirect clients that don't honour the HSTS headers, as well as pointing clients in the right direction in the first place.
Whilst testing, you might want to leave out the 'permanent' part.
<VirtualHost *:80>
...
Redirect permanent / https://your.repo/
</VirtualHost>
Matthew,
I'm guesing you have something similar somewhere in you :80 vhost?
If not, and the HSTS headers are only sent for the :443 vhost, how does the initial redirect work?
Cheers,
John
- References:
- [EP-tech] SSL (HTTPS) only for an EPrints repository
- From: Tomasz Neugebauer <Tomasz.Neugebauer@concordia.ca>
- Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- From: Matthew Kerwin <matthew@kerwin.net.au>
- Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- From: Tomasz Neugebauer <Tomasz.Neugebauer@concordia.ca>
- Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- From: Matthew Kerwin <matthew@kerwin.net.au>
- Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- From: John Salter <J.Salter@leeds.ac.uk>
- [EP-tech] SSL (HTTPS) only for an EPrints repository
- Prev by Date: Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- Next by Date: Re: [EP-tech] Fixity Check and EPrints - Digital Preservation
- Previous by thread: Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- Next by thread: Re: [EP-tech] SSL (HTTPS) only for an EPrints repository
- Index(es):