4

I don't know much about if statements in apache configuration, and I'm wondering if I can have a section of the configuration applied only if the request is received on a certain port.

In short, this is about SSL. I have name based virtual hosts, I can make a configuration for port 80, then duplicate it all for port 443, and add the relevant SSL configurations.

But this seems redundant. I was wondering if i can have something like:

<VirtualHost *:80 *:443>

and then I can put:

<IfModule mod_ssl.c>
    SSLEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
SSLCACertificateFile ...
</IfModule>

inside an if statement that checks if connection is on port 443... or is such thing impossible? the server supports SNI, and I don't have any worries from non-SNI compliant browsers.

Waleed Hamra
  • 731
  • 6
  • 16

1 Answers1

6

Yes, starting from Apache 2.4, you can use

<If "%{HTTPS} == 'on'">
    # HTTPS-specific configuration here
</If>

in your configuration file.

Many other expressions inside the <If "expression"> bracket are also supported, e.g. actually checking for a specific port, as you suggested. For more details see the Apache docs.

However, keep in mind that some directives will not work within an <If> clause. Check for the allowed contexts of a directive, where <If> counts as a directory context (like <Directory>).

黄雨伞
  • 176
  • 1
  • 4
  • 2
    That's a bunch... but doesn't work with the directives for SSL: SSLEngline, SSLCertificateKeyFile, etc doesn't work inside such an If statement – Raul Luna Sep 23 '18 at 10:14