...
- Apache HttpServer is configured to require all requests to the four DuraCloud web applications (/duradmin, /durastore, /duraservice, and /duraboss) go over https.
Below are the https enforcement rules configured in Apache
Code Block ### # ensure 'duradmin' uses https ### RewriteCond %{REQUEST_URI} /duradmin RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [R=301,L] ### # try to require https for 'durastore', 'duraservice', & 'duraboss' for # external requests ### RewriteCond %{REQUEST_URI} ^(/durastore|/duraservice|/duraboss) RewriteCond %{SERVER_PORT} !^443$ RewriteCond %{SERVER_NAME} !^localhost$ RewriteCond %{SERVER_NAME} !^127.0.0.1$ RewriteCond %{REMOTE_HOST} !^127.0.0.1$ RewriteCond ${local-ip-map:%{REMOTE_HOST}} !^localhost$ RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [R=301,L]
...