LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-24-2014, 10:36 PM   #1
NotionCommotion
Member
 
Registered: Aug 2012
Posts: 536

Rep: Reputation: Disabled
Need http and https have a different Directory and DocumentRoot?


http://wiki.centos.org/HowTos/Https describes implementing ssl as shown below.

Is there any reason that "Directory" and "DocumentRoot" for http and https need be different as they show in their example?

Note that my website has a single point of entry which I hope to use for both http and https requests.

Code:
Just as you set VirtualHosts for http on port 80 so you do for https on port 443. A typical VirtualHost for a site on port 80 looks like this

<VirtualHost *:80>
        <Directory /var/www/vhosts/yoursite.com/httpdocs>
        AllowOverride All
        </Directory>
        DocumentRoot /var/www/vhosts/yoursite.com/httpdocs
        ServerName yoursite.com
</VirtualHost>

To add a sister site on port 443 you need to add the following at the top of your file

NameVirtualHost *:443

and then a VirtualHost record something like this:

<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/ca.crt
        SSLCertificateKeyFile /etc/pki/tls/private/ca.key
        <Directory /var/www/vhosts/yoursite.com/httpsdocs>
        AllowOverride All
        </Directory>
        DocumentRoot /var/www/vhosts/yoursite.com/httpsdocs
        ServerName yoursite.com
</VirtualHost>
 
Old 03-24-2014, 11:26 PM   #2
trbennett48
LQ Newbie
 
Registered: Apr 2011
Location: Oregon
Posts: 25

Rep: Reputation: 3
No, DocumentRoot may be specified in a VirtualHost container (as it was in the example)
or at the ServerConfig level (i.e. NOT within a Directory container or VirtualHost container)

Here is a link to Apache's documentation on DocumentRoot:
http://httpd.apache.org/docs/2.2/mod...l#documentroot

-tony
 
Old 03-25-2014, 05:54 AM   #3
NotionCommotion
Member
 
Registered: Aug 2012
Posts: 536

Original Poster
Rep: Reputation: Disabled
Thanks, but I do not think you understand my question. They show the following two directories to store webpage files. Could both http and https use a common directory?

/var/www/vhosts/yoursite.com/httpdocs/
/var/www/vhosts/yoursite.com/httpsdocs/
 
Old 03-25-2014, 05:58 AM   #4
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 2,166

Rep: Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751
Quote:
Originally Posted by NotionCommotion View Post
Thanks, but I do not think you understand my question. They show the following two directories to store webpage files. Could both http and https use a common directory?

/var/www/vhosts/yoursite.com/httpdocs/
/var/www/vhosts/yoursite.com/httpsdocs/
Yes they can served from the same directory. We do it all the time.
 
Old 03-25-2014, 06:03 AM   #5
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,272

Rep: Reputation: 148Reputation: 148
It depends. do you need to secure your entire website or some particular pages or sites like user-login, online transaction page etc? think first what do you want to do it

Last edited by kirukan; 03-25-2014 at 06:05 AM.
 
Old 03-25-2014, 06:42 AM   #6
NotionCommotion
Member
 
Registered: Aug 2012
Posts: 536

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by kirukan View Post
It depends. do you need to secure your entire website or some particular pages or sites like user-login, online transaction page etc? think first what do you want to do it
I only need to secure part of the site. For instance, I have these four pages:
Code:
http://www.example.com/index.php?pg=secureLogon
http://www.example.com/index.php?pg=displayNonSecureContent
http://www.example.com/index.php?pg=displaySecureContent
http://www.example.com/index.php?pg=updateRecord
  1. secureLogon will need to be secure. It will use PHP to set a session
  2. displayNonSecureContent does not need to be secure.
  3. displayPrivateContent will display private information only if the previously mentioned session is set.
  4. updateRecord will only be available if the previously mentioned session is set, and will update a database with data not available to the general public.

Questions.
  1. Should displayPrivateContent use https?
  2. Should updateRecord use https?
  3. Need I have two different directories, one for http and the other for https? My thoughts are there might be a performance hit for using https when it doesn't need to be.
  4. How do I keep url length to a minimum? For instance, I would rather not have "http://www.example.com/secure_files/index.php?pg=displayPrivateContent" and "http://www.example.com/non_secure_files/index.php?pg=displayNonSecureContent". If I need two different directories, could I have a secure directory located in a non-secure directory so the non-secure pages at least will have a shorter url?
  5. How does it work if displayNonSecureContent and displayPrivateContent are basically the same page, but displayNonSecureContent displays some additional sensitive information if the user is logged on and the session is set? Will all my links to these pages need to be changed based on whether the user is logged on?
 
Old 03-25-2014, 06:53 AM   #7
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 2,166

Rep: Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751
Unless you're serving a huge amount of traffic I'd suggest making the whole site https, that way you'll not have to worry about having scripts / images / etc. served using different protocols / locations and creating the possibility for "only secure content is displayed" issues.
 
Old 03-25-2014, 05:05 PM   #8
jefro
Moderator
 
Registered: Mar 2008
Posts: 15,374

Rep: Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198
https everywhere!

It would be some very old systems that can't support https so I'd agree with TenTenths if you could make only https.
 
Old 03-26-2014, 12:58 AM   #9
trbennett48
LQ Newbie
 
Registered: Apr 2011
Location: Oregon
Posts: 25

Rep: Reputation: 3
Quote:
Originally Posted by NotionCommotion View Post
Thanks, but I do not think you understand my question. They show the following two directories to store webpage files. Could both http and https use a common directory?

/var/www/vhosts/yoursite.com/httpdocs/
/var/www/vhosts/yoursite.com/httpsdocs/
Yes I understood your question.

DocumentRoot can be specified at the Global Scope (i.e. server config scope),
where it would apply to all VirtualHost's that don't include a DocumentRoot.
DocumentRoot may also be specified in a VirtualHost container (as it is in the example)
where it would apply to only that VirtualHost.

Therefore, you would specify ONE DocumentRoot, which is NOT inside a VirtualHost
container, and it would apply to ALL VirtualHosts (i.e. http and https).

-tony
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
http vs https raj47 Linux - Newbie 14 04-16-2012 01:41 PM
http and https wennie Linux - Software 1 04-01-2005 12:47 PM
HTTP versus HTTPS Linh Linux - Security 5 09-18-2003 12:13 PM
HTTP to HTTPS shegde Linux - Software 8 01-31-2003 05:29 AM
https or http? antken Programming 3 10-30-2002 06:06 PM


All times are GMT -5. The time now is 11:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration