What are the odds? https -> http requests
Is it possible to have mod_proxy and mod_proxy_html settings on your Apache configs able to convert https requests to http?
Using mod_proxy and other reverse proxy technologies?
Vaguely user browser <---your favourite secure web server---> http <---your preferred reverse proxy server---> first https connection established
----------Halle Berry is not my roommate, therefore, I can't be sleep walking--------- Is it possible to have mod_proxy and mod_proxy_html settings on your Apache configs able to convert https requests to http? Using mod_proxy and other reverse proxy technologies? user browser <---your favourite secure web server---> http <---your preferred reverse proxy server---> first https connection established ----------Halle Berry is not my roommate, therefore, I can't be sleep walking--------- *Mumbles back to bed......
On Tue, Jan 25, 2011 at 2:47 AM, Patrick Kariuki <patrick.kariuki@gmail.com> wrote:
Is it possible to have mod_proxy and mod_proxy_html settings on your Apache configs able to convert https requests to http?
Man-in-the-middle? BR S -- This message represents the official view of the voices in my head.
A MITM attack would be a consequence of such a setup - this could be a reason why Mobile service providers are not to keen to freely give out APIs to their mobile payment solutions particularly for web applications. It could also explain how law enforcement authorities are able to access and use information from social websites(e.g facebook) about criminals or suspects. Just a theory.... installing a reverse proxy solution and converting all https requests to http would prove this, but this would only work on host web servers with access to both ports 80 and 443.
participants (2)
-
Patrick Kariuki -
Steve Muchai