hello all, so here's my situation: since i cannot publish links http:// = "insecure://" https:// = "secure://" The Problem/Requirements: I got one machine (running Ubuntu 12.04) on my local network which runs 2 services (sabnzbd and torrentflux the php client for torrents). There is no dns since it is only one machine, so lets say this machine has ip 192.168.1.2 on the local network. I can access the two services in my LAN from these URLs: insecure://192.168.1.2/torrentflux (port:80) insecure://192.168.1.2:8080/sabnzbd what i am trying to do first is to create two virtual host files (one for each service) that are placed in /etc/apache2/sites-available (and /sites-enabled when enabled) so that when i visit the above URLs i will get redirected to port 443 (https) so basically to make this more clear: 1st case: visit--> insecure://192.168.1.2/torrentflux --> secure://redirected to 192.168.1.2/torrentflux 2nd case: visit--> insecure://192.168.1.2:8080/sabnzbd --> secure://redirected to 192.168.1.2/sabznbd from there I can open the 443 external port of my router and have the applications being served externally by accessing secure://myexternalip/torrentflux and secure://myexternalip/sabnzbd. Additionally I require authentication whenever i visit these two URLs, either locally or externally there should always be authentication. The Solution: So I came up with the following two vhost files but they don't work quite right. The behavior is the following: 1st case: visit--> insecure://192.168.1.2:8080/sabnzbd --> re-directed to https version and prompted with self-signed certificate acceptance page --> accept --> prompted with apache authentication dialogue box --> enter username/password --> enter the site. The overall behavior is CORRECT. 2nd case: visit --> insecure://192.168.1.2/torrentflux --> re-directed to https version and prompted with self-signed certificate acceptance page --> accept --> NO apache authentication dialogue box --> enter the site. Behavior is wrong since in this case for some reason apache authentication is being bypassed. also whenever i reload apache configuration when these two virtual hosts are enabled I get the following warning: [warn] _default_ VirtualHost overlap on port 443, the first has precedence Code (markup): Maybe there's a simpler way of doing this, but i'm not an expert, i've tried looking for examples but i couldn't find much. Any help will be appreciated. Thanks. VHOST files: sabnzbd vhost <VirtualHost *:80> ServerName 192.168.1.2 <Location /> RedirectPermanent / https://192.168.1.2/ </Location> </VirtualHost> <VirtualHost *:443> ServerName 192.168.1.2 <Proxy *> Order deny,allow Allow from all </Proxy> SSLEngine on SSLProxyEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key <Location /sabnzbd> Order deny,allow Allow from all AuthType Basic AuthName "Abandon all hope ye who enter here" AuthUserFile /opt/passwd/sabnzbd Require valid-user ProxyPass http://localhost:8080/sabnzbd ProxyPassReverse http://localhost:8080/sabnzbd </Location> ErrorLog /var/log/apache2/nzb-error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/nzb-access.log combined CookieLog /var/log/apache2/nzb-cookie.log </VirtualHost> Code (markup): torrentflux vhost <VirtualHost *:80> RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] </VirtualHost> <VirtualHost *:443> DocumentRoot /usr/share/torrentflux/www/ SSLEngine on SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key <Location /> Order deny,allow Allow from all AuthType Basic AuthName "Abandon all hope ye who enter here" AuthUserFile /opt/passwd/sabnzbd Require valid-user </Location> ErrorLog /var/log/apache2/nzb-error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/nzb-access.log combined CookieLog /var/log/apache2/nzb-cookie.log </VirtualHost> Code (markup):