[opencms-dev] Force HTTPS for workplace access

Arash Kaffamanesh ak at cloudssky.com
Fri Apr 11 15:03:43 CEST 2014


Hi,

 you shall use an apache rewrite rule in your vhost to bump the user to the
login page:

RewriteRule ^/system/login.* https://<workplaceserver>/system/login/ [L,R]


See also page 36 here:

http://ow.ly/uFzGk

Kind Regards,
Arash


On Fri, Apr 11, 2014 at 2:53 PM, Paul-Inge Flakstad <flakstad at npolar.no>wrote:

> Hi,
>
>
>
> I’d like to force HTTPS for workplace login / communication. Is there an
> easy way?
>
>
>
> According to the wiki (
> http://www.opencms-wiki.org/wiki/Enforcing_SSL_Encryption_for_the_Opencms_workplace), “somebody [who] tries to access the workplace using an unsafe
> connection, [...] will be automatically redirected to the secured
> connection”.
>
>
>
> Well, not so in my case – I can access the workplace login using *both*
> HTTP and HTTPS, no HTTP -> HTTPS redirect.
>
>
>
> OpenCms is 7.5.2. I’ve got Apache in front.
>
>
>
> Cheers,
>
> Paul
>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20140411/98411b0d/attachment.htm>


More information about the opencms-dev mailing list