[pmwiki-users] https with PmWiki

Neil Herber (nospam) nospam at eton.ca
Mon May 29 13:52:28 CDT 2017

On 2017-05-29 2:28 PM, Christopher Cox wrote:

>> My installations contains a standard PmWiki (with some cookbooks...),
>> Apache
>> running on a FreeBSD-server that I have total control over.
> For apache I use in my .htaccess (this should be generic enough),
> before your other rules:
> RewriteEngine On
> RewriteCond %{HTTPS} off
> RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

An even simpler (and I suspect more efficient) way is as follows in
httpd.conf (assuming you have full server control):

> <VirtualHost *:443>
>     ServerName mugoo.com
>     ServerAlias *.mugoo.com *.mugoo.ca
>     <If "%{HTTP_HOST} != 'mugoo.com'">
>     Redirect / https://mugoo.com/
>     </If>
>      DocumentRoot xxxx/MUGOO
>     SSLEngine on
>     SSLCertificateFile "xxxx.crt"
>     SSLCertificateKeyFile "xxxx.key"
> </VirtualHost>
> ####-----------------vhosts that were moved to secure
> folders------------------####
> ####
> <VirtualHost *:80>
> ServerName mugoo.com
>     ServerAlias  mugoo.ca *.mugoo.ca *.mugoo.com
>     Redirect permanent / https://mugoo.com/
> </VirtualHost>

I have 5 wikis in a farm that I moved to https using similar conf lines
as above. I dislike using ReWrite because it has so many options I am
always afraid of putting in something insecure. The redirect permanents
are dead simple and don't require any changes to the original sites as
long as they use all relative links. I had to patch a few fully
qualified links.

As far as I can recall I did not have to make any code changes toPmWiki
sites, but getting SMF and WordPress to work under SSL is more difficult.

If anybody sees any holes in this setup, please let me know!  ;-)


Neil Herber

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pmichaud.com/pipermail/pmwiki-users/attachments/20170529/f6434590/attachment.html>

More information about the pmwiki-users mailing list