yum install mod_ssl /etc/init.d/httpd restartyum creates an ssl.conf.rpmnew file so as to not touch an existing ssl.conf but it won't restart the service the way apt does. If you wish to redirect all traffic to https add the following to your configuration file [0]:
# note that Options FollowSymLinks had to be added above
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
I found the above directives from a Google search. When I added just the above I got "permission denied". So I ran a tail -f error_log and saw something like the following:
[Wed Jan 28 05:19:27 2009] [error] [client 123.456.7.89] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /usr/lib/mailman/cgi-bin/listinfoI then looked up FollowSymLinks in Apache's manual. I then went back and changed Options ExecCGI to Options ExecCGI FollowSymLinks and read the documentation on what this does. Since this seemed OK (the only accounts on this server are good ones) I left it. If I hadn't looked at the logs there would have been little hope of figuring it out. I also find it's good to take the time to set up three terminals (edit conf, restart apache, tail logs) and a browser with three tabs (page being tested, manual, Google) when doing this. Footnotes:
[0]
On RedHat the configuration file should be /etc/httpd/conf/httpd.conf. If you originally did a "yum install mailman" then it installs httpd as a dependency. If you're now securing that httpd after installing mailman the RedHat way, then add the rewrite directives to /etc/httpd/conf.d/mailman.conf.
No comments:
Post a Comment