# All should use ssl!
<VirtualHost *:443 >
DocumentRoot /var/www/wpmu
ServerName b.uib.no
ServerAlias *.b.uib.no
CustomLog logs/access_log_wpmu combined
ErrorLog logs/error_log_wpmu
<Directory /var/www/wpmu>
AllowOverride FileInfo Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
# But we do some exceptions
<VirtualHost *:80 >
DocumentRoot /var/www/wpmu
ServerName b.uib.no
ServerAlias nossl.b.uib.no
CustomLog logs/access_log_wpmu combined
ErrorLog logs/error_log_wpmu
<Directory /var/www/wpmu>
AllowOverride FileInfo Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
# Then we do redirects on the rest
<VirtualHost *:80 >
ServerName b.uib.no
ServerAlias *.b.uib.no
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(.*).b.uib.no
RewriteRule ^(.*) https://%1.b.uib.no$1 [R,L]
</VirtualHost>
Remember to enable mod_ssl.
To secure the initial login form add this to wp-config.php:
define( ‘FORCE_SSL_LOGIN’, true);
