1

I have an SSL folder as well as a non SSL part to my site.

If I'm in my SSL folder, referencing any insecure images outside the SSL 'wrapper' gives me the "Parts of the page you are viewing were not encrypted before being transmitted over the Internet" in FF. Expected.

The way I would usually deal with this issue, is to make a copy of my images folder within the SSL folder. But that could turn out to be an admin nightmare becuase I have two sets of images to update.

Is it possible to reference content by using a different method? Perhaps using PHP's document root? What is the recommended method?

Mark
  • 778
  • 2
  • 11
  • 21

2 Answers2

1

Symlink

If you are on a linux box then you can use a symlink to alias all the entire httpdocs folder to the https directory.

ln -s /var/www/vhosts/example.org/httpdoc /var/www/vhosts/example.org/httpsdoc

This is described as

ln -s source_file link_name

This way everything that is in httpdocs is available to the server via httpsdocs as well without copying anything. Obviously if you do not wish to symlink the whole lot you could just symlink your images directory.

You can use this on a box where you are unable to update the virtual host container.

Change the virtual host configuration

This will of course cause all access to both http and https to access the files from the same document root directory.

Change you vhost configuration to be:

# Virtual Hosting
<VirtualHost *:80>
    <IfModule mod_ssl.c>
        SSLEngine off
    </IfModule>
    Include /etc/apache2/server-vhost.conf
</VirtualHost>


# SSL Virtual Hosting
<VirtualHost *:443>
    <IfModule mod_ssl.c>
        SSLEngine on
        SSLOptions +StrictRequire
        SSLCertificateFile /etc/ssl/certs/server.crt
        SSLCertificateKeyFile /etc/ssl/private/server.key
    </IfModule>
    Include /etc/apache2/server-vhost.conf
</VirtualHost>

Then create /etc/apache2/server-vhost.conf as referenced by the Include lines in the two vhost configurations above:

ServerName example.org
ServerAdmin example@example.org
DocumentRoot /var/www/vhosts/example.org/httpdoc
Treffynnon
  • 21,365
  • 6
  • 65
  • 98
  • Treffynnon. Thanks for the reply. Which file does the symlink command write to? Is it a permanent change and what happens if I need to remove the symlink in the future? Bit of an Apache newbie and apprehensive in case I screw things up. – Mark Feb 21 '12 at 15:32
  • `ln` is Linux command. It works like this `ln -s source_file link_name`. You will need to take a backup before doing it as to create the symlink you will need to remove the `httpsdocs` or `link_name` directory first. See http://en.wikipedia.org/wiki/Symbolic_link – Treffynnon Feb 21 '12 at 16:36
  • Thanks Treffynnon, got it working using your symlink example. Just one question: How would I remove a symlink? – Mark Feb 22 '12 at 14:52
  • @monkey64 you use `rm` just like any other __file__. This might help explain it better: http://stackoverflow.com/questions/210120/remove-a-symlink-to-a-directory – Treffynnon Feb 22 '12 at 17:55
0

You could use relative path's to your images. In his case the pictures will be requested with the same protocol as the page itself, HTTPS for a HTTPS-page and HTTP for a HTTP-page.

Edit:

Since we don't know about the directory structure, i add a small example of what i mean.

root/http/index.html
root/https/index.html
root/img/button.png

If we have a file root/http/index.html and a picture in root/img/button.png, we can use the relative path ../img/button.png, this will work whether the page is in the http or in the https subdirectory.

martinstoeckli
  • 23,430
  • 6
  • 56
  • 87
  • This won't work. There files are in two completely different folders. He would need to copy the images or symlink them as in my answer to be able to use your idea. `HTTPS` gets all information from `httpsdocs` whereas `HTTP` gets its information from `httpdocs` so if you were to us a relative URL from HTTPS it would be looking in the wrong directory as the images are in `httpdocs`. – Treffynnon Feb 21 '12 at 12:43
  • @Treffynnon - Maybe you are right, but one can't see that from the question. If both directories, the one for HTTPS and the one for HTTP, are on the same level, you can use a relative path to an image directory ( like ../img/home.png ). If they are on a different level, maybe it's easier to move them, as to search for difficult solutions. This can be used for all shared resources in several directories. – martinstoeckli Feb 21 '12 at 12:51
  • But then that image directory would be outside the document root and therefore unservable. I still cannot see how what you are suggesting would work. – Treffynnon Feb 21 '12 at 12:53
  • That still will not work. See my previous comment: `...that image directory would be outside the document root and therefore unservable`. You cannot refer to files above the document root in this way. The images folder you have specified __is not__ web accessible so this will _not work_. – Treffynnon Feb 21 '12 at 13:08
  • @Treffynnon - Let's say with `root` i meant the same as you with `document root`, then there is no problem. I **do** use it that way sometimes. Why monkey64 wants to use a different directory for SSL is another question. – martinstoeckli Feb 21 '12 at 13:20