NYCPHP Meetup

NYPHP.org

[joomla] SSL virtual hosting

Mark Holberg info at waynorth.com
Mon Nov 25 10:36:52 EST 2013 

Gary,

Do you recommend an SSL  be purchsed for every site? Or would 
self-signed certificates be acceptable?

If there is an SSL covering the entire server, accessing the Joomla 
login  page  via the virtual directory can be done securely. That is, if 
you have not canonicalized the site's default URL using .htaccess

Mark

  On 11/25/2013 8:39 AM, Gary A. Mort wrote:
> I hadn't looked at how SSL works on web servers for a number of 
> years.  The last time I worked with SSL the common rule was that you 
> had to have a  distinct IP address for every domain name that you 
> wanted to use SSL for[so you could have an SSL certificate for each 
> different domain]
>
> Heck, even the Apache Wiki still states it in some places:
> http://wiki.apache.org/httpd/NameBasedSSLVHosts
>
> However, when poking around I ran across references to SNI and using 
> multiple certificates for the same IP Address. 
> http://www.ietf.org/rfc/rfc4366.txt This dates all the way back to 
> 2006, so it has been around for quite a while!
>
> Browser support for it goes back a good way as well:
> http://en.wikipedia.org/wiki/Server_Name_Indication#Browsers_with_support_for_TLS_server_name_indication.5B6.5D
>
> Interestingly, for Internet Explorer it isn't the browser version 
> which matters, but the operating system, IE uses the operating system 
> to perform SSL encryption.  This means that it won't work in IE on 
> Windows XP or any earlier windows operating system.  It will work for 
> Internet Explorer on Windows Vista[released in 2007] and any later 
> windows operating system.
>
> As such, it's a fair to say that SSL for virtual hosts will work for 
> almost all users these days - and there is no reason not to enforce 
> the use of SSL for the Joomla Admin section as well as make sure that 
> all your admin users, at the very least, use SSL when they log on to 
> your websites.
>
> This may be old news to everyone here, but since it was new to me I 
> figured I'd pass it on.
>
>
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20131125/52255205/attachment.html>

More information about the Joomla mailing list