Discussion:
listen on multiple ports?
George Barnett
2005-05-16 16:46:10 UTC
Permalink
Hi,

I can't find any documentation on this. I've tried:


server.port = 81, 442

server.port = 81
server.port = 442

server.port = ( 81, 442 ) just causes the server to seg fault.

Cheers,

George
--
George Barnett
Reality Engineer

m: (+44) 778 884 7205
e: ***@alink.co.za

"As an adolescent I aspired to lasting fame, I craved factual certainty,
and I thirsted for a meaningful vision of human life -- so I became a
scientist. This is like becoming an archbishop so you can meet girls."
-- Matt Cartmill
eli
2005-05-16 19:25:51 UTC
Permalink
Post by George Barnett
Hi,
server.port = 81, 442
server.port = 81
server.port = 442
server.port = ( 81, 442 ) just causes the server to seg fault.
Cheers,
George
server.port = 80
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/home/lighttpd/ssl/server.pem"
server.errorlog = "/var/log/lighttpd/error-ssl.log"
accesslog.filename = "/var/log/lighttpd/access-ssl.log"
server.document-root = "/home/lighttpd/html"
}

I recommend you use the $SERVER["socket"] matching capability to use
additional sockets.
George Barnett
2005-05-16 19:44:52 UTC
Permalink
Post by eli
server.port = 80
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/home/lighttpd/ssl/server.pem"
server.errorlog = "/var/log/lighttpd/error-ssl.log"
accesslog.filename = "/var/log/lighttpd/access-ssl.log"
server.document-root = "/home/lighttpd/html"
}
I recommend you use the $SERVER["socket"] matching capability to use
additional sockets.
Fantastic.

Can somebody point me to some documentation? The stuff on the wiki is a
bit sparse. Particularly, I'm looking for info regarding limit access
to a range of IP's. I've seen a host=x.x.x.x but I haven't seen
anything about setting up multiple ranges.

I'm also looking for htpasswd auth. I understand I can require a valid
group, but is there something equivalent to the 'require valid-user' in
apache?

Cheers,

George
--
George Barnett
Reality Engineer

m: (+44) 778 884 7205
e: ***@alink.co.za
George Barnett
2005-05-16 21:09:00 UTC
Permalink
Post by George Barnett
bit sparse. Particularly, I'm looking for info regarding limit access
to a range of IP's. I've seen a host=x.x.x.x but I haven't seen
anything about setting up multiple ranges.
Things like this seem to me to have a great deal of overlap, and when I
think of limiting connections based on addresses, I automatically think
of firewalling, either at the gateway or on the server. You need to ask
yourself where it makes more sense for you to do your filtering.
Firewalling is a bit broad. I'm looking more for permissions per vhost
and directory. Eg: I have a ticketing system which can gladly be open
to the world, since it's SSL and http auth'd, however, there are some
stats pages which should be locked up.

Cheers,

Georgeli
--
George Barnett
Reality Engineer

m: (+44) 778 884 7205
e: ***@alink.co.za
a***@math.duke.edu
2005-05-16 20:59:16 UTC
Permalink
I'm trying to use the below idea to change from my old scheme of
running two lighttpd processes (one for SSL, one for plain). However,
there is one issue I can't resolve:

I want a particular directory to only be accessible through SSL.
I.e.
https://example.org/mydir/*
works fine, bu
http://example.org/mydir/*
either redirects to the above or dies (either is okay, but the former is preferable).

Running 2 servers, this is done with a simple re-direct line:
url.redirect = ( "^/mydir/(.+)" => "https://example.org/mydir/$1" )

However, this causes a redirect loop when just using a socket on the
same server. There must be an easy solution that I haven't tried yet
-- anyone care to share it?

Thanks,
Abe Smith

(also, secondarily, when using a config like that below, the logs are
all piling up in the _ssl.log files, even the non-port-443 data. any
idea why?)
Post by eli
server.port = 80
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/home/lighttpd/ssl/server.pem"
server.errorlog = "/var/log/lighttpd/error-ssl.log"
accesslog.filename = "/var/log/lighttpd/access-ssl.log"
server.document-root = "/home/lighttpd/html"
}
I recommend you use the $SERVER["socket"] matching capability to use
additional sockets.
--
# Abraham David Smith, <***@math.duke.edu> #
# http://fds.duke.edu/db/aas/math/grad/adsmith #
# Mathematics Graduate Student, Duke University #
George Barnett
2005-05-16 21:07:38 UTC
Permalink
Post by a***@math.duke.edu
I'm trying to use the below idea to change from my old scheme of
running two lighttpd processes (one for SSL, one for plain). However,
I want a particular directory to only be accessible through SSL.
I.e.
https://example.org/mydir/*
works fine, bu
http://example.org/mydir/*
either redirects to the above or dies (either is okay, but the former is preferable).
url.redirect = ( "^/mydir/(.+)" => "https://example.org/mydir/$1" )
However, this causes a redirect loop when just using a socket on the
same server. There must be an easy solution that I haven't tried yet
-- anyone care to share it?
You could put the redirect into it's own $SERVER["socket"] structure to
bind it only to port 80.

Cheers,

George
--
George Barnett
Reality Engineer

m: (+44) 778 884 7205
e: ***@alink.co.za
Continue reading on narkive:
Loading...