ssl only at login page

[videanuadrian]

Hi guys,
i`m trying to redirect login and logout pages to https with apache mod_rewrite and i encounter some problems because the login link is http://myhost.com/otrs/index.pl and if i put a rules like :

RewriteCond %{QUERY_STRING} ^$ [OR]
RewriteCond %{QUERY_STRING} ^Action=Logout
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE,L]

some ajax actions does not work anymore (like admin->sysConfig->actions).
any ideas how can i realize that ?
thanks.
Adrian

[videanuadrian]

nobody ?
any idea....
is this a good approach ?

[crythias]

i`m trying to redirect login and logout pages to https with apache mod_rewrite

you could also specify those pages as https:// in SysConfig.

[videanuadrian]

Hi Crythias, thanks for reply.
If you are talking about HttpType directive, from what i understand from file description this is not what i want.
My setup is something like :
customer enter the address http://my.domain.com the it is automatically redirected to https://my.domain.com/otrs/index.pl (this part is done via index.html),
after login the system has to switch back the user to http, because after that i do not need the extra load generated by https on server.
I also looked at loginurl and logouturl directives but to be honest i do not understand the exact purpose of those two.

Regards,
Adrian

[crythias]

loginurl and logouturl directives but to be honest i do not understand the exact purpose of those two.

if you go to the http://otrsserver/otrs/customer.pl and are not logged in, it will redirect you to loginurl

[crythias]

also, what kind of load do you think SSL represents in any noticeable way to your server in 2013?
IMO, you won't notice any difference ever.