BLOGS@DiGiTSS

DiGiTSS Team's Programming experience with PHP, MySQL, Ajax, Javascript, jQuery, C# and Microsoft technologies

Posts Tagged https

Allow only HTTPS access with .htaccess

Apr 26

Posted by Dharmavirsinh Jhala in Apache | No Comments

If you want any of your web-directory to be accessed only via Secure HTTP (HTTPS) protocol then placing following code in ".htaccess" will make sure that any URL or Web-address will be converted from Http to Https.

IndexIgnore *
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

It will rewrite all URLs with HTTPS instead of HTTP. This may be helpful in case while you want only specific directory to be accessed via Secure HTTP or you want your users to redirect to correct address/protocol when they type in http:// by mistake and port 80 is not accessible.

It is also possible to do same with PHP or any other scripting language we use, but then it depends on the application and approach we choose.

Tags: , ,

PHP – Downloading a File from Secure website (https) using CURL

Oct 25

Posted by Dharmavirsinh Jhala in PHP, Tools / Plugins / Extenstion, cURL | 6 Comments

Recently in one of my project I was suppose to download file from a secure website. Actually I have to set the scheduler job for downloading nightly builds/full files from the server and the files are placed on secure website.

Initially I tried that with file_get_contents function but it was just downloading 0KB file. Then it strike me that oh..! I can't use file_get_contents as it can't understand the HTTPS protocol here. So what could help me nothing else then our best friend CURL. file_get_contents and fopen kind of other functions works fine with any http web locations.

Here is the simple CURL file transfer function snippet which will copy file from any secure http location. Read the rest of this entry »

Tags: , , ,

How to generate Certificate Signing Request (CSR) file with Apache OpenSSL

Apr 13

Posted by Dharmavirsinh Jhala in Apache, OpenSSL | 9 Comments

When it comes to use SSL over apache, OpenSSL is there for us to do everything we want. XAMPP and WAMP both comes with OpenSSL compiled version of Apache, so it becomes quite handy to use it. But how to get SSL certificate for your website?For getting SSL certificate you need to ask your hosting company if you are running on shared server and don't have access to apache installation directory and config files. Most of the hosting companies will do this for you with some amount of fee. Fee/cost depends on the kind of certificate you are requesting and for the period of time. For example www.domain.com certificates will be quite cheaper then *.domain.com.

Now if you are running and managing your own webserver and you have to get certificate(s) for your company/client or your own website then first requirement is to generate "Certificate Signing Request" - CSR file, which you need to send to Certificate Authority to sign and give back to you as CRT file. This tutorial is not meant for Apache expert but for those who have not much experience SSL and Apache stuff.

Generation of CSR files with Apache on OpenSSL is quite simple and it is matter of typing few commands and we are done. You need to follow similar commands on OpenSSL prompt whether you are running Apache over Windows or Linux. Here is the routine which we need to follow to get our .CSR file ready.

If you have your Apache setup ready with OpenSSL then goto BIN directory under your Apache's installation directory. If you are on Windows machine then it could be under D:\Program Files\Apache\bin and if it is Linux you know better where to find it. Open Command Prompt and goto Apache's BIN directory and then type "openssl" over there. You will get OpenSSL prompt immediately. You may need not to goto Apache/Bin directory if that path is set in your system variables, you can just type openssl and you will get the prompt like below. Read the rest of this entry »

Tags: , , , ,