Mavens,
Is there a valid--concise(!)--summary of the steps one needs to take to secure a login page using Apache & PHP?
E.g., Assume that one already has an installed SSL certificate (an interesting process in itself)...but then what? I've been reading on the programming s开发者_运维知识库teps for days...and know less about the process than when I started. Is the critical portion of the solution a Rewrite Rule in Apache? If so, then what is mod_ssl in PHP for? If it's mod_ssl, then what's the relationship with Apache's Rewrite rules? Do you use both technologies? One, or the other, but not both? Or...what?
Thank you in advance from a (now very) confused Newbie on this topic.
Best regards,
Plane Wrtyer
You can use this how to to set up an apache directory that requires HTTPS. If you put your log in script there and do
<form action="https://example.com/SSL/login.php" ...
You can create the session and then redirect back whereever you like.
精彩评论