[SSL] seperating public files from private.

[kblessinggr]

Ok, I got an SSL certificate purchased, installed and setup. So that's all good.

But the issue is on my whm/cpanel setup , simply going to https:// is not different than http:// (other than the fact that communication is encrypted to 256bit AES), simply put is there a way via cpanel or whm, to set it up so that port 443 goes to for example /private_html instead of both states going to the same document root in /public_html.

In away, I'm saying I'd like some files (such as backend login) to only be publicly accessible via SSL. There's no private_html folder setup as I've seen on other hosts, everything is pulled from the public_html folder.

 

[coffeebean]

Something like this might work...

# If not HTTPS request
RewriteCond %{SERVER_PORT} !^443$
# redirect login requests to HTTPS
RewriteRule your_cpanel_folder https://your_cpanel_login [R=301,L]

* your_cpanel_folder would be a regex that identifies any cpanel page.

 

[kblessinggr]

Something like this might work...

# If not HTTPS request
RewriteCond %{SERVER_PORT} !^443$
# redirect login requests to HTTPS
RewriteRule your_cpanel_folder https://your_cpanel_login [R=301,L]

* your_cpanel_folder would be a regex that identifies any cpanel page.

Well cpanel runs on an entirely different port, but will definitely look into the Server_port condition for the other stuff.

 

[Victory]

You can force HTTPS for the specific files or directories you want to protect

In the following example, i show how to protect any file which is requested via http://yoursite.faux/protected/

RewriteCond %{REQUEST_URI} ^/protected/.
RewriteCond %{SERVER_PORT} 80
RewriteRule (.*) https://yoursite.faux/$1 [R,L]

You could also look into the %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} directives.

Also this mod_rewrite cheatsheet is handy
Downloading mod_rewrite-cheat-sheet-v2.png - Added Bytes

 

[Rage9]

The only way I can think of doing this is in the apache sites files using virtual hosts. So if you have root access this is pretty doable but if you don't you might be out of luck. Do you have any support with your host? Did you contact them about it?

 

[kblessinggr]

The only way I can think of doing this is in the apache sites files using virtual hosts. So if you have root access this is pretty doable but if you don't you might be out of luck. Do you have any support with your host? Did you contact them about it?

I do have root access, its a dedicated server, I just didn't want to go mucking about a cpanel/whm setup. But I do see in the virtualhost config where it has a separate block for 443.

The original method I quoted by coffeebean, worked in terms of forcing a folder to 443, except I added in a folder condition later mentioned by Victory.