ForceHTTPSLogin
OCLC strongly recommends you use this directive to force SSL for EZproxy-supplied login pages.
By including ForceHTTPSLogin in your config.txt, your users will be redirected to use SSL when accessing EZproxy-provided login pages. This security configuration will keep your server and users' credentials secure.
EZproxy-provided login pages are used to form most authentication methods except for Shibboleth/SAML and CAS.
ForceHTTPSLogin is a position-independent config.txt that presents the login page with a secure https protocol at the beginning of the URL. To use this directive, you must configure your EZproxy to use a secure certificate encrypted with SSL (Secure Socket Layer) technology. For details about SSL Configuration, see SSL Configuration.
Syntax
Option ForceHTTPSLogin
This will cause EZproxy to redirect any requests for the login page to the secure, https URL.
Example
To use Option ForceHTTPSLogin, you need to configure EZproxy to listen on a secure port and configure EZproxy to use an SSL certificate. Once you have completed the steps in SSL Configuration, you can enter the following lines in your config.txt to cause EZproxy to redirect to a secure login page whenever a login page is requested:
LoginPortSSL 443 Option ForceHTTPSLogin
These lines can be entered anywhere in your config.txt; however, most institutions enter these statements towards the top along with other EZproxy configuration information to keep these details separate from the database stanzas.