[EP-tech] repos with a mix of HTTP and HTTPS

[matthew.kerwin at qut.edu.au (Matthew Kerwin)]

Hi EPrintsers, I have a query about serving a repository with a mix of HTTP
and HTTPS.

 

Currently our two repositories have a pretty standard setup: the bulk of the
site is served over plaintext HTTP, including untrusted session cookies.
Secure/administrative functions are served over HTTPS.

 

We want to reconfigure the server to use HTTPS for the entire site (for
various reasons, Google search rankings high amongst them.) However we want
to retain the option of plaintext HTTP access so that some less modern
external indexers and crawlers can continue to do their thing.

 

I should point out that our primary repository predates EPrints 3.2, and
likely includes a bunch of legacy features and obscure customisations, so
what I'm describing may be available out of the box with a fresh install but
lost to us personally. However if not, does anybody have any experience
doing what I've described?

 

Do you have any pointers on what to en/disable in config, or what to tweak
(and where) to make the entire site HTTPS-by-default while retaining the
option for standard HTTP browsing of "insecure" content?

 

Cheers

-- 

Matthew Kerwin  |  Senior Web Developer  |
<https://wiki.qut.edu.au/display/lib/Digital+Repository+Team> Applications &
Development Team  |  Library eServices  |  Queensland University of
Technology  |  Level 3, R Block, Kelvin Grove  |
<mailto:matthew.kerwin at qut.edu.au> matthew.kerwin at qut.edu.au  |  CRICOS No
00213J

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20151123/f3d0ff09/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4845 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20151123/f3d0ff09/attachment.bin