Posts by Eomer

  • Protected areas and rewriting to HTTPS

    Hey Guys,


    im using IMSCP for 3 months now and i love it.
    Im a newbie administrator and still learning (its just a test enviroment).


    Right now im trying to secure the system (add protected areas, iptables, change ssh port...)


    I want to protect the /htdocs directory using a basic auth (protected areas), but i want to run it over ssl.
    The problem is:


    I get the auth prompt two times.
    connecting to Port 80 -> auth prompt -> rewriting to port 443 -> auth prompt.


    I want it to work that way:


    www.domain.com:80 -> rewriting -> www.domain.com:443 -> auth prompt
    domain.com:80 -> rewriting -> www.domain.com:443 -> auth prompt



    Thats whats in the .htaccess file right now.


    Code
    1. ### START i-MSCP PROTECTION ###
    2. AuthType Basic
    3. AuthName "Webinterface"
    4. AuthUserFile /var/www/virtual/domain.com/.htpasswd
    5. Require user XYZ
    6. ### END i-MSCP PROTECTION ###
    7. RewriteEngine On
    8. RewriteCond %{HTTPS} !=on
    9. RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    Any suggestions?
    Its a debian 8 Server btw.



    Im looking forward to your replies.




    kind regards
    eomer