I just installed an SSL cert on my Xserve yesterday and would like to make sure anyone clicking on the "create account or login" link logs in via https, even if they're just browsing the site via http before that.
Is there any way to define that link within MediaWiki's settings as https, not http? I've disabled local accounts and am having users login via our LDAP server and I'd like to make sure none of them login without SSL.
Thanks for your time, Mike
Mike Stanley wrote:
I just installed an SSL cert on my Xserve yesterday and would like to make sure anyone clicking on the "create account or login" link logs in via https, even if they're just browsing the site via http before that.
Is there any way to define that link within MediaWiki's settings as https, not http? I've disabled local accounts and am having users login via our LDAP server and I'd like to make sure none of them login without SSL.
You could perhaps hack SpecialUserlogin.php to check the protocol in $wgServer and redirect if necessary.
-- brion vibber (brion @ pobox.com)
On 5/3/05, Brion Vibber brion@pobox.com wrote:
You could perhaps hack SpecialUserlogin.php to check the protocol in $wgServer and redirect if necessary.
You could do that in LocalSettings.php (or include a file to do that). If the page request was for Special:Userlogin and the protocol is not HTTPS, then redirect to do that.
I highly encourage this route, since it makes upgrades _so_ much easier.
-- Jamie ------------------------------------------------------------------- http://endeavour.zapto.org/astro73/ Thank you to JosephM for inviting me to Gmail! Have lots of invites. Gmail now has 2GB.
mediawiki-l@lists.wikimedia.org