i need to lock down a login/registration/password system under ssl i've never done this stuff beforethe mod_perl ssl stuff is a bit lacking in docs, so off of things i've read in misc places and the 1.0 guide, i have a few questions:
a- is this correct: the recommended place to run ssl through is some sort of proxy? ie:internet ||| -> Load Balancer ( ssl ) -> cluster ( mod_perl / vanilla / etc ) internet ||| -> Apache Port 80/443 ( ssl + vanilla ) -> mod_perl ( port 8000 ) internet ||| -> Lighttpd Port 80/443 ( ssl + vanilla ) -> mod_perl ( port 8000 )
b- in that scenario, is there any way to make sure that a login happened via SSL ? the $ENV{HTTPS} , like in the mp docs , would only be set if we were using the same modperl for both 80 and 443 and serving directly, correct ?
any pointers would be greatly appreciated. //Jonathan Vanasco|- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| RoadSound.com / Indie-Rock.net | Collaborative Online Management And Syndication Tools|- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.