Force people to access website securely
Novell Cool Solutions: Question & Answer
Reader Rating 
Q:
Is there any way to prevent my web sites from being accessed without encryption? Our users transmit private information, such as user name, password, and other sensitive data, remotely. The HTTP protocol sends that data in plain text, which could be sniffed by a second person within few seconds.
A:
Yes. Your Apache web server must be configured for HTTPS connections.
Append the following lines to the Apache configuration file /etc/httpd/httpd.conf:
<VirtualHost _default_>
Redirect permanent / https://NAME.OF.WEBSERVER/
ServerName NAME.OF.WEBSERVER
ServerAdmin mailadmin@example.com
</VirtualHost>
Modify the entries to your needs. After the Apache configuration is reloaded, all plain HTTP requests are redirected to encrypted HTTPS. This makes it much more difficult to sniff sensitive data.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com