剛剛搞定了 Apache + SSL,再來補上一篇 :D

如果要強迫使用者只能走 HTTPS 連線,那就在 httpd.conf 設定一下

首先找到要強迫走 HTTPS 的 Directory,我把我的 DocumentRoot 的範例放上來

<Directory "/usr/local/www/apache22/data">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

</Directory>

加入上面紅色三行即可 :D

至於要用 PHP 程式去控制的話可以參考這一篇 [PHP] 強制使用https連線

參考資料

[1] 今天也要全力以赴 - Apache 強制使用https

[2] Allen開放源碼研究室 - [PHP] 強制使用https連線

創作者介紹

有為青年生活札記

bojack 發表在 痞客邦 PIXNET 留言(0) 人氣()