diff options
author | Andreas <andreas@immerda.ch> | 2010-01-04 14:09:57 +0100 |
---|---|---|
committer | Andreas <andreas@immerda.ch> | 2010-01-04 14:09:57 +0100 |
commit | 2fdebb7f25fad84a22634119334ddcf63de90723 (patch) | |
tree | 3319f36e9c894eadc0cec85ae5c5b661f3874532 /templates/vhosts/php_gallery2/CentOS.erb | |
parent | 17fc4077826682cb992586f69bd92d33294375c0 (diff) |
gallery redirect user logins to https
Diffstat (limited to 'templates/vhosts/php_gallery2/CentOS.erb')
-rw-r--r-- | templates/vhosts/php_gallery2/CentOS.erb | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/templates/vhosts/php_gallery2/CentOS.erb b/templates/vhosts/php_gallery2/CentOS.erb index 92d5e05..37fac4b 100644 --- a/templates/vhosts/php_gallery2/CentOS.erb +++ b/templates/vhosts/php_gallery2/CentOS.erb @@ -50,6 +50,14 @@ <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> <%- end -%> + # Always rewrite login's + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] + RewriteCond %{QUERY_STRING} subView=core\.UserLogin + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # https -> see below + # Then, unset baseUri in config.php (to keep Gallery from trying to redirect users to either HTTP or HTTPS): + # $gallery->setConfig('baseUri', ''); </Directory> <%- end -%> @@ -123,6 +131,13 @@ <%- end -%> # turn allow_url_fopen on for the extension manager fetch php_admin_value allow_url_fopen On + + # Always rewrite login's (see above) + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ="" + RewriteCond %{REQUEST_METHOD} =GET + RewriteCond %{QUERY_STRING} !subView=core\.UserLogin + RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] </Directory> <IfModule mod_security2.c> |