Mavens,
Is there a valid--concise(!)--summary of the steps one needs to take to secure a login page using Apache & PHP?
E.g., Assume that one already has an installed SSL certificate (an interesting process in itself)...but then what? I've been reading on the programming steps for days...and know less about the process than when I started. Is the critical portion of the solution a Rewrite Rule in Apache? If so, then what is mod_ssl in PHP for? If it's mod_ssl, then what's the relationship with Apache's Rewrite rules? Do you use both technologies? One, or the other, but not both? Or...what?
Thank you in advance from a (now very) confused Newbie on this topic.
Best regards,
Plane Wrtyer
You can use this how to to set up an apache directory that requires HTTPS. If you put your log in script there and do
You can create the session and then redirect back whereever you like.