Dokuwiki SSL Login rewrite rules

António P. P. Almeida appa at perusio.net
Tue Jun 21 06:18:09 MSD 2011


On 20 Jun 2011 17h33 WEST, lenz at vfemail.net wrote:

> Okay, I started to translate the rule myself and after a bit of
> experimentation I ended up with this. The aim is to force users to
> use the https protocol for login and administration.

What is written on the wiki page you referred:

http://www.dokuwiki.org/tips:httpslogin?s

below the Apache mod_rewrite rules should do the trick. You can
replace the conditions for the query string args by:


## On the http server block.
if ($arg_do ~* (?:log|admin|profile)) {
  rewrite ^ https://$host$request_uri? redirect;
}


## On the https server block.
if ($arg_do = show) {
  rewrite ^ http://$host$request_uri? redirect;
}

if ($arg_do = "") {
  rewrite ^ http://$host$request_uri? redirect;
}

--- appa




> # in context server:
> if ($args ~ do=(login|admin|profile)){
> rewrite ^ https://$server_name$uri redirect;
> }
>
> While this works for Opera, it doesn't work for wget and Firefox:
> There's obviously a redirection loop going on:
>
> % wget --no-check-certificate http://xvt.localhost/start\?do=login
> --2011-06-20 18:25:57--  http://xvt.localhost/start?do=login
> Resolving xvt.localhost... 127.0.1.1
> Connecting to xvt.localhost|127.0.1.1|:80... connected.
>
> HTTP request sent, awaiting response... 302 Moved Temporarily
> Location: https://xvt.localhost/start?do=login [following]
> --2011-06-20 18:25:57--  https://xvt.localhost/start?do=login
> Connecting to xvt.localhost|127.0.1.1|:443... connected.
>
> HTTP request sent, awaiting response... 302 Moved Temporarily
> Location: https://xvt.localhost/start?do=login [following]
> --2011-06-20 18:25:57--  https://xvt.localhost/start?do=login
> Reusing existing connection to xvt.localhost:443.
>
> [... and on and on... until finally ]
>
> 20 redirections exceeded.
>
> In Firefox the message looks like this: "Firefox has detected that
> the server is redirecting the request for this address in a way that
> will never complete."
>
> Any ideas on this?
>
> On 18.06.2011 20:15, lenz at vfemail.net wrote:
>> Dear all,
>>
>> I'm preparing a nginx configuration for Dokuwiki and it all works
>> except the following feature:
>>
>> If a user logs in the protocol force-switches to https and back to
>> plain http after the login. So far, this has been realised with the
>> apache2 rewrite rules which I stole from [1].
>>
>> Can anybody, who is familiar with nginx rewrite rules translate
>> these apache2 rules to nginx? I'm sure many users would benefit
>> from this.  Thank you very much in advance. I hope this is even
>> possible with nginx :S
>>
>> [1] http://www.dokuwiki.org/tips:httpslogin?s[]=ssl&s[]=rewrite
>>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx



More information about the nginx mailing list