SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
SSL Encryption
Primary tabs
The typical method of enabling SSL encryption in Apache is to use mod_ssl. A downside of that approach is that SSL does not work with name-based Virtual Hosts (Why can't I use SSL with name-based/non-IP-based virtual hosts?). An alternative is to use mod_gnutls in order to have name-based SSL-enabled Virtual Hosts using the Server Name Indication (SNI) feature of the SSL/TLS protocol ca. However, SNI requires a newer web browser such as Firefox 2.x, Opera 8.x, Internet Explorer 7.x+, Google Chrome, Safara 3.2.1.
- mod_ssl instructions:
Enable SSL in Apache config
Enable the SSL config file in the main Apache config,/usr/local/apache2/conf/httpd.conf
by uncommenting:Include conf/extra/httpd-ssl.conf
Edit the
/usr/local/apache2/conf/extra/httpd-ssl.conf
and comment out the default<VirtualHos>
directive (all the lines in it).
Virtual Hosts with SSL
There's a variety of gotchas with using SSL with Virtual Hosts but by using a wildcard certificate, you can do it (though the end user will still get warnings).
Edit/usr/local/apache2/conf/extra/httpd-vhosts.conf
and add theNameVirtualHost *:443
Then create an entry for your VirtualHost:
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /path/to/www.example.com
# Note: SSL settings only need to be defined once!
SSLEngine On
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
</VirtualHost>For additional VirtualHosts, you can omit the key information:
<VirtualHost 192.168.1.200:80 192.168.1.200:443>
ServerName subsite.example.com
DocumentRoot /path/to/subsite.example.com
</VirtualHost> - mod_gnutls instructions:
Restart Apache using daemontools:
svc -t /service/apache
Verify that it all works by accessing your site from your web browser. Be sure to use "https" instead of "http".
Resources
Guide to Webserver SSL Certificates
- Log in to post comments