diff options
author | ramon <ramongomez@us.es> | 2017-03-13 12:29:45 +0000 |
---|---|---|
committer | ramon <ramongomez@us.es> | 2017-03-13 12:29:45 +0000 |
commit | 53419be8368b03678604c7c97940b21976250a90 (patch) | |
tree | 6455fe5ecc2e957c362ae949624547ee90774308 | |
parent | 213a832eadaecd739e7a460f4ea768d21b1f4c31 (diff) |
#708 #718: Usar siempre HTTPS en todo el servidor OpenGnsys (incluido descargas y REST).
git-svn-id: https://opengnsys.es/svn/branches/version1.1@5228 a21b9725-9963-47de-94b9-378ad31fedc9
-rw-r--r-- | admin/WebConsole/index.php | 5 | ||||
-rw-r--r-- | server/etc/apache-prev2.4.conf.tmpl | 13 | ||||
-rw-r--r-- | server/etc/apache.conf.tmpl | 11 |
3 files changed, 21 insertions, 8 deletions
diff --git a/admin/WebConsole/index.php b/admin/WebConsole/index.php index 96f3abbb..346b483a 100644 --- a/admin/WebConsole/index.php +++ b/admin/WebConsole/index.php @@ -14,11 +14,6 @@ if(isset($_SESSION)){ // Si existe algua sesión ... session_unset(); // Elimina variables session_destroy(); // Destruye sesión } -# Cambiar a HTTPS -if (empty ($_SERVER["HTTPS"])) { - header ("Location: https://".$_SERVER["SERVER_NAME"].$_SERVER["PHP_SELF"]); - exit (0); -} // Cargar configuración. include_once("controlacceso.php"); diff --git a/server/etc/apache-prev2.4.conf.tmpl b/server/etc/apache-prev2.4.conf.tmpl index db782843..170b1359 100644 --- a/server/etc/apache-prev2.4.conf.tmpl +++ b/server/etc/apache-prev2.4.conf.tmpl @@ -2,13 +2,24 @@ Alias /opengnsys CONSOLEDIR +RewriteEngine On + # Overrides default CentOS php.ini configuration. php_value short_open_tag on +# Redirect HTTP to HTTPS and default configuration. <Directory CONSOLEDIR> + RewriteCond %{HTTPS} !=on + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] Options -Indexes FollowSymLinks DirectoryIndex index.php + AddType octet/stream .pkg </Directory> +# Redirect HTTP to HTTPS and RESTful configuration. <Directory CONSOLEDIR/rest> - AllowOverride All + RewriteBase /opengnsys/rest/ + RewriteCond %{HTTPS} !=on + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] + RewriteCond %{REQUEST_FILENAME} !-f + RewriteRule ^ index.php [QSA,L] </Directory> diff --git a/server/etc/apache.conf.tmpl b/server/etc/apache.conf.tmpl index 8c978fd3..5249d3fc 100644 --- a/server/etc/apache.conf.tmpl +++ b/server/etc/apache.conf.tmpl @@ -2,19 +2,26 @@ Alias /opengnsys CONSOLEDIR +RewriteEngine On + # Overrides default CentOS php.ini configuration. php_value short_open_tag on +# Redirect HTTP to HTTPS and default configuration. <Directory CONSOLEDIR> + RewriteCond %{HTTPS} !=on + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] Require all granted Options -Indexes +FollowSymLinks DirectoryIndex index.php + AddType octet/stream .pkg </Directory> -# RESTful configuration. +# Redirect HTTP to HTTPS and RESTful configuration. <Directory CONSOLEDIR/rest> - RewriteEngine On RewriteBase /opengnsys/rest/ + RewriteCond %{HTTPS} !=on + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php [QSA,L] </Directory> |