/conf/lighttpd/vhosts.d/alcasar-with-ssl.conf |
---|
20,16 → 20,12 |
ssl.use-compression = "disable" |
ssl.honor-cipher-order = "enable" |
ssl.cipher-list = "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" |
var.server_name = "alcasar.localdomain" |
server.name = server_name |
server.document-root = "/var/www/html" |
} |
$HTTP["scheme"] == "https" { |
alias.url = ( |
"/save" => "/var/Save" |
) |
81,11 → 77,6 |
} |
$HTTP["scheme"] == "http" { |
# Force HTTPS for specific pages |
# $HTTP["url"] =~ "^/(acc|save|(intercept|password).php)" { |
$HTTP["url"] =~ "^/(acc|save)" { |
$HTTP["host"] =~ ".*" { |
url.redirect = (".*" => "https://%0$0") |
# Force HTTPS on all pages |
url.redirect = ("" => "https://${url.authority}${url.path}${qsa}") |
} |
} |
} |
/conf/lighttpd/vhosts.d/alcasar-without-ssl.conf |
---|
82,7 → 82,6 |
$HTTP["scheme"] == "http" { |
# Force HTTPS for specific pages |
# $HTTP["url"] =~ "^/(acc|save)" { |
$HTTP["url"] =~ "^/(acc|save)" { |
$HTTP["host"] =~ ".*" { |
url.redirect = (".*" => "https://%0$0") |
/scripts/alcasar-https.sh |
---|
28,7 → 28,7 |
echo "$usage" |
exit 0 |
;; |
--off | -off) # disable HTTPS |
--off | -off) # Chilli : disable HTTPS (it will listen only on 3990 port) + lighttpd : switch with an HTTP conf file |
$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=off?" $CONF_FILE |
$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=off?" $CONF_FILE |
$SED "s?^uamserver.*?uamserver\thttp://$HOSTNAME.$DOMAIN/intercept.php?" $CHILLI_CONF_FILE |
39,7 → 39,7 |
ln -s /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf |
/usr/bin/systemctl restart lighttpd |
;; |
--on | -on) # enable HTTPS |
--on | -on) # Chilli : enable HTTPS (it will listen on ports 3990 (http) and 3991 (https) + lighttpd : switch with an HTTPS conf file |
$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=on?" $CONF_FILE |
$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=on?" $CONF_FILE |
$SED "s?^uamserver.*?uamserver\thttps://$HOSTNAME.$DOMAIN/intercept.php?" $CHILLI_CONF_FILE |