Question

I would like to change globaly in TWiki the Server URL for request of edit and attach (or all authenticated request to increase security) to an SSL-Server URL. Which variables do I have to set and change?

(It is not enough to change the templates as New topics in the page remain the old insecure url.)

Environment

-- JensRoeder - 14 Jun 2005

Answer

There are probably serveral ways to do that. Here is one:

Install TWiki twice, lets name them Secure and Public:

• Secure TWiki:
  • Runs under SSL
  • Used to change (and view) content
• Public TWiki:
  • Runs under regular HTTP
  • Used to view content only
  • Has a modified skin where the Edit and Attach links are removed
  • TWiki.cfg is configured to share the data and pub directory with the Secure TWiki

-- PeterThoeny - 03 Jul 2005

A different approach (at least if you are using Apache as web server): Let Apache do the work instead of TWiki.

• Configure your web server(s) so that the SSL server uses a different .htaccess file than the insecure server. (This works both with two stand alone servers and with virtual servers)
• In the .htaccess file for the insecure server, redirect all requests to edit etc to the secure server

-- JChristophFuchs - 02 Aug 2005