• 6

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Force https before authentification - no access to vhost

I am a beginner when it comes to servers and I have a problem similar to this one. When accessing the desired webpage, .htpasswd prompts me for an authentification before I am redirected to https.

Is there any workaround solely by editing the .htaccess file, because I have no permission to change the vhost conf file.

The relevant lines in my .htaccess file until now look like this:

BlockquotRewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{ENV:HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

AuthType Basic
AuthName "members only"
AuthUserFile /var/www/myweb/.htpasswd
Require valid-user

RequireSSL has the downside that if someone connects to just "http://" they get an access denied.

A more user friendly solution is to have two VirtualHost entries (one for HTTP, one for HTTPS) and have the first one do a redirect. For example

<VirtualHost *:80>
    ServerName www.yoursite.com
    ServerAlias yoursite.com

    Redirect permanent / https://www.yoursite.com/
<VirtualHost *:443>
    SSLEngine on

    AuthType Basic
    AuthName "members only"
    AuthUserFile /var/www/myweb/.htpasswd
    Require valid-user

In your case, this also means they'll get redirected to the SSL site before being prompted for a password.

  • 0
Reply Report

Trending Tags