Results 1 to 4 of 4
  1. #1

    Default Found a way to force / require SSL access using shared SSL!

    First of all, for the majority of purposes SSL has to be forced otherwise it is of little use. Thus having shared SSL without the ability to force its use makes it of minor utility.

    The problem is all the different approaches I've seen here and in other forums do not work because for some reason Westhost has a perversely different setup. (One almost thinks there is a conspiracy to prevent shared SSL from being used for forced SSL access )

    For example:

    1) forget about using SSLRequireSSL because it just doesn't work

    2) forget about using mod_rewrite, RewriteCond fails because the variables you need to compare against are either not available or do not return values as expected. Without RewriteCond however, any successful rewrite will always result in a loop.

    However there IS a straightforward and easy way to get it to work, just use the "Redirect" directive either in .htaccess or httpd.conf! So if for example you want to force SSL access to, in /var/www/html/blah1/.htaccess, put in the following line:

    Redirect /

    Now, let's just hope WH doesn't disable that

    Any comments on any problems or cons of this approach, do post on this thread. Thanks!

  2. #2


    ^ Scratch that. It turns out the above solution also loops...

    It worked one time... and then failed afterwards

  3. #3
    Junior Member
    Join Date
    Aug 2007

    Exclamation Update?

    Can anyone suggest a new method of how to force the URL to use the shared SSL address? I tried mod_rewrite, but it doesn't seem to work.

    One would think that WestHost would tell us what to do, because without forcing the secure page, the shared SSL feature is almost worthless.

    PS - (Bump x 1000)

  4. #4

    Default Source IP lookup

    It's been a while since I've used the shared SSL stuff, but I remember the source IP being changed to be the west host server. Basically, west host proxies the request through a server with a valid ssl cert.

    If this is still the case, couldn't you check to make sure that it's coming from one of the proxy servers and restrict on that?

    The only risk here would be if they moved the proxies.

Similar Threads

  1. ogg/vorbis, icecast, internet radio...?
    By dmGremlin in forum General Discussion
    Replies: 1
    Last Post: 04-20-2010, 08:32 PM
  2. Shared SSL problems...
    By puffy in forum General Discussion
    Replies: 0
    Last Post: 02-23-2007, 01:16 PM
  3. Shared SSL & Multiple Domains
    By gilamnstr in forum General Discussion
    Replies: 1
    Last Post: 12-08-2005, 10:35 AM
  4. Westhost, osCommerce & Shared SSL
    By visible soul in forum E-commerce
    Replies: 2
    Last Post: 06-12-2004, 12:06 AM
  5. Shared SSL
    By Laila in forum CGI Scripts / Perl
    Replies: 2
    Last Post: 09-16-2003, 08:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts