Apache rewrites to run only /nagios at SSL?
Hugo van der Kooij
hvdkooij at vanderkooij.org
Tue Apr 18 23:09:33 CEST 2006
Hi,
I have been playing with apache rewrites to get /nagios (and some other
parts) behind SSL but without the rest of the site ending up as SSL
website.
(Technically it is offtopic, I guess, but close enough to entertain the
Nagios crowd and get some samples documented to prevent others to fall
into this pit.)
Basically I want /nagios and /boss to be redirected to the https server
and anything else going to remain on plain mode.
Forcing /boss is not the issue as it is a directory.
Getting /nagios to do the same seems to be much harder.
The /boss environment works with:
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/boss(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
Within the <VirtualHost> section.
I tried to modify the nagios config to:
ScriptAlias /nagios/cgi-bin "/usr/lib/nagios/cgi"
<Directory "/usr/lib/nagios/cgi">
RewriteEngine On
RewriteBase /nagios/cgi-bin
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/nagios(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
Require valid-user
</Directory>
Alias /nagios "/usr/share/nagios"
<Directory "/usr/share/nagios">
RewriteEngine On
RewriteBase /nagios
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/nagios(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
Require valid-user
</Directory>
But somehow it does not redirect as I would expect it to do. Could some
kind sould tell me where I went wrong?
I have also tested with the SSLRequireSSL part enabled but it also
resulted in 403 errors.
Without the rewrite part both http and https access to /nagios works fine
on the server.
Some tech details:
- XOS 4 (RHEL 4 clone)
- Apache 2.0
- Nagios 2.2
All of it installed via packages (Thanks Dag!)
Hugo.
PS: The usual investigation tools (Google) were used before I wrote the
message. There I learned that Alias constructs in apache require more
work with rewrites.
--
I hate duplicates. Just reply to the relevant mailinglist.
hvdkooij at vanderkooij.org http://hvdkooij.xs4all.nl/
Don't meddle in the affairs of magicians,
for they are subtle and quick to anger.
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list