我怎样才能使网站的一部分不在 web2py 中使用 https?
How can I make part of the website not use https in web2py?
标准 web2py 部署示例要求在全站范围内使用 https。我怎样才能在某些页面上跳过它,或者最好只在管理界面上使用它?在某些页面上,我需要从第三方服务器提供一些内容,这些内容是不安全的,我对此无能为力。
我的站点当前的 Apache 配置是:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAlias mywebsitealias.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/ [R,L]
CustomLog /var/log/apache2/access.log common
ErrorLog /var/log/apache2/error.log
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/self_signed.cert
SSLCertificateKeyFile /etc/apache2/ssl/self_signed.key
WSGIProcessGroup web2py
WSGIScriptAlias / /var/www/web2py/wsgihandler.py
WSGIPassAuthorization On
<Directory /var/www/web2py>
AllowOverride None
Require all denied
<Files wsgihandler.py>
Require all granted
</Files>
</Directory>
AliasMatch ^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*) \
/var/www/web2py/applications//static/
<Directory /var/www/web2py/applications/*/static/>
Options -Indexes
ExpiresActive On
ExpiresDefault "access plus 1 hour"
Require all granted
</Directory>
CustomLog /var/log/apache2/ssl-access.log common
ErrorLog /var/log/apache2/error.log
</VirtualHost>
我设法通过替换 VirtualHost *:80 ... /VirtualHost 让它工作
使用以下代码位:
<VirtualHost *:80>
WSGIProcessGroup web2py
WSGIScriptAlias / /home/www-data/web2py/wsgihandler.py
WSGIPassAuthorization On
<Directory /home/www-data/web2py>
AllowOverride None
Require all denied
<Files wsgihandler.py>
Require all granted
</Files>
</Directory>
CustomLog /var/log/apache2/access.log common
ErrorLog /var/log/apache2/error.log
</VirtualHost>
http: 过去在 Apache 2.2 上运行良好,然后当 Apache 升级到 2.4 时,安装脚本发生了变化,使一切都变成了 https。以上是我对这两个脚本的混合,虽然我不确定它是否没有故障,但似乎对我有用。
标准 web2py 部署示例要求在全站范围内使用 https。我怎样才能在某些页面上跳过它,或者最好只在管理界面上使用它?在某些页面上,我需要从第三方服务器提供一些内容,这些内容是不安全的,我对此无能为力。
我的站点当前的 Apache 配置是:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAlias mywebsitealias.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/ [R,L]
CustomLog /var/log/apache2/access.log common
ErrorLog /var/log/apache2/error.log
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/self_signed.cert
SSLCertificateKeyFile /etc/apache2/ssl/self_signed.key
WSGIProcessGroup web2py
WSGIScriptAlias / /var/www/web2py/wsgihandler.py
WSGIPassAuthorization On
<Directory /var/www/web2py>
AllowOverride None
Require all denied
<Files wsgihandler.py>
Require all granted
</Files>
</Directory>
AliasMatch ^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*) \
/var/www/web2py/applications//static/
<Directory /var/www/web2py/applications/*/static/>
Options -Indexes
ExpiresActive On
ExpiresDefault "access plus 1 hour"
Require all granted
</Directory>
CustomLog /var/log/apache2/ssl-access.log common
ErrorLog /var/log/apache2/error.log
</VirtualHost>
我设法通过替换 VirtualHost *:80 ... /VirtualHost 让它工作 使用以下代码位:
<VirtualHost *:80>
WSGIProcessGroup web2py
WSGIScriptAlias / /home/www-data/web2py/wsgihandler.py
WSGIPassAuthorization On
<Directory /home/www-data/web2py>
AllowOverride None
Require all denied
<Files wsgihandler.py>
Require all granted
</Files>
</Directory>
CustomLog /var/log/apache2/access.log common
ErrorLog /var/log/apache2/error.log
</VirtualHost>
http: 过去在 Apache 2.2 上运行良好,然后当 Apache 升级到 2.4 时,安装脚本发生了变化,使一切都变成了 https。以上是我对这两个脚本的混合,虽然我不确定它是否没有故障,但似乎对我有用。