Now that I've migrated my blog to a SQL Database, Blosxonomy had lost some of Blosxom like ease of use, so I decided it was necessary to create a web-based interface to post to my blog. I had originally thought I'd just use my entry-conversion utility and continue to write Blosxom style posts, but quickly decided that was absurd. For those of you keeping track of Blosxonomy, this feature will be included in 0.7.3, which is in the final testing stages now.

In any event, I needed to protect the page that posts to my website from being accessed, and use mod_ssl and mod_rewrite to do it.

In particular, I needed to hide /post from general access - to do this, I added a simple rewrite rule to redirect it to my SSL secured site:

RewriteRule ^/post(.*) https://www.timfanelli.com/post$1

Then, in my :443 virtual host, I added two redirect rules to pass anything other than /post back to the main site:

NameVirtualHost *:443

<VirtualHost *:443>
  ServerName www.myhostname.com

  # SSL Engine options go here
  # Directory authentication options go here

  RewriteEngine On
  RewriteRule /post(.*) /post$1 [PT,L]
  RewriteRule ^(.*)$ http://www.timfanelli.com$1 [R=301]
</VirtualHost>

That way, any requests to /post stay on the SSL protected site, any other requests go back to the main, non-SSL site. The SSL Engine options section enables SSL and directs apache to use my self-signed certificate (see how to create one here), and I copied the <Directory> element from my main site into the virtual host, and added a Require valid-user statement using DIGEST authentication.

This provides a secure place for me to make entries to my blog, and prevents general viewing of my site via SSL to minimize the performance overhead (while I love my mac and the G4 processor, SSL is not its strong point).