Article 6897 at 06/09/13 16:58:36 From: Administration (at mark) cnx-solutions.com Subject: [coba-e:06897] HTTP/HTTPS Logins

Index: [Article Count Order] [Thread]

Date:  Wed, 13 Sep 2006 21:24:28 +0100
From:  "Connexions Web Solutions" <Administration (at mark) cnx-solutions.com>
Subject:  [coba-e:06897] HTTP/HTTPS Logins
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4508770C.1121.29D3A63@localhost>
X-Mail-Count: 06897

Hi Blues,

 I have just noticed, which I hadnt before, that even if you untick the
 secure box on the interface it still uses port 444.

This is setup in /etc/httpd/conf.d/bluequartz.conf - a request for
http://domain.tld/login is 302'd  to http://domain.tld:444/login.php. I
assume this is so that all is secure until you explicitly choose not to 
use a secure connection. 

Anyone think of any reason why we couldnt
rem out this rewrite rule and try to access the login page on port 80. 
and is it is safe to do it ?

Reason for request is we can then turn off HTTPS in the firewall, so 
its one less port for the kiddy hackers.

Rgds.

Keith Reynolds