[Mailman-Users] Web Admin Security Question

Dennis Putnam dap1 at bellsouth.net
Wed May 23 14:37:37 CEST 2012


Thanks and you are, of course, correct. I knew that but I was desperate
to try to get something, anything, working. I did fix it but since the
more generic version did not work, it is not a surprise that the more
specific rule does not work either.

Yes I did check all the logs I could think of but nothing that indicates
it even ran a rewrite rule. I don't see anything in the ssl_access or
error logs either so that tells me ssl is never being used. Does that
not imply that the rewrite engine is not working?

When I use http://... it brings up the correct page. As I said
originally, everything works if I use http or if I manually use https.
It is forcing https that doesn't. Once again it seems to be pointing to
the rewrite engine not working.

On 5/22/2012 2:25 PM, Mark Sapiro wrote:
> Dennis Putnam wrote:
>> I assume you mean the entire mailman site as opposed to the entire web
>> site.
>
> No. I meant the entire web site. Just because you put something in
> /etc/httpd/conf.d/mailman.conf doesn't make it magically just apply to
> Mailman. It depends on where in httpd.conf that file is included.
>
> In a normal CentOS distro, the
>
> Include conf.d/*.conf
>
> directive is in the Global Environment section of httpd.conf and thus
> anything in any of the included files affects or at least sets a
> default for the entire site.
>
> If you want to force https only for Mailman CGIs, your rewrite rule
> should be something like
>
> RewriteRule ^/mailman(/.*)  https://%{HTTP_HOST}/mailman$1   [L,R]
>
> If you want to include forced https for public archive access (why
> would you?), maybe something like
>
> RewriteRule ^/pipermail(/.*)  https://%{HTTP_HOST}/pipermail$1   [R]
> RewriteRule ^/mailman(/.*)  https://%{HTTP_HOST}/mailman$1   [L,R]
>
> or
>
> RewriteRule ^/(mailman|pipermail)(/.*) https://%{HTTP_HOST}/$1$2 [L,R]
>
> would be appropriate.
>
>
>> Yes, that is what I want. Yes, it SHOULD work but doesn't. The
>> main problem is that there are no errors anywhere I can find and I have
>> no idea how to debug this.
>
> Have you looked in all the httpd logs (/var/log/httpd/*log)?
>
> What actually happens when you go to
> <http://www.example.com/mailman/admin/>?
>


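A configuration to check against the symptoms described in this thread, as an added example that is not from either poster. It assumes httpd 2.2 with mod_rewrite loaded and that www.example.com is served from a `<VirtualHost>` block; the rewrite log file name is a constructed value.

```apache
# Added example, constructed for illustration (not from the thread).
# Confirm the module is loaded first:  httpd -M | grep rewrite

# --- Placement that can silently do nothing --------------------------
# A rule in conf.d/mailman.conf is pulled in by "Include conf.d/*.conf"
# at main-server level. mod_rewrite settings are per-context: a
# <VirtualHost> does not inherit the main server's RewriteEngine or
# rules unless it sets "RewriteOptions Inherit". If the request is
# answered by a virtual host, these two lines never run and nothing
# is logged:
#
#   RewriteEngine On
#   RewriteRule ^/mailman(/.*)  https://%{HTTP_HOST}/mailman$1   [L,R]

# --- Placement inside the plain-HTTP virtual host --------------------
<VirtualHost *:80>
    ServerName www.example.com

    # Must be enabled in this context, not only globally.
    RewriteEngine On

    # Temporary diagnostics (httpd 2.2 directives). Each request writes
    # the patterns tried and the result, which shows whether the engine
    # ran at all. Remove or set the level to 0 once the rule works.
    RewriteLog /var/log/httpd/rewrite.log
    RewriteLogLevel 3
    # httpd 2.4 replaces both with:  LogLevel alert rewrite:trace3

    # Redirect only requests that did not arrive over TLS, so the same
    # rule cannot loop if it is ever inherited by the SSL host.
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/mailman(/.*)  https://%{HTTP_HOST}/mailman$1   [L,R]
</VirtualHost>
```

After reloading httpd, a request for http://www.example.com/mailman/admin/ should add lines to the rewrite log and an entry to the SSL access log; an empty rewrite log means the request was handled in a context where the engine is off.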