i need to lock down a login/registration/password system under ssl

i've never done this stuff before

the mod_perl ssl stuff is a bit lacking in docs, so off of things
i've read in misc places and the 1.0 guide, i have a few questions:

a- is this correct:
the recommended place to run ssl through is some sort of proxy?
ie:
internet ||| -> Load Balancer ( ssl ) -> cluster ( mod_perl /
vanilla / etc )
internet ||| -> Apache Port 80/443 ( ssl + vanilla ) -> mod_perl
( port 8000 )
internet ||| -> Lighttpd Port 80/443 ( ssl + vanilla ) -> mod_perl
( port 8000 )

b- in that scenario, is there any way to make sure that a login
happened via SSL ?
the $ENV{HTTPS} , like in the mp docs , would only be set if we were
using the same modperl for both 80 and 443 and serving directly,
correct ?

any pointers would be greatly appreciated.

//Jonathan Vanasco

|- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - -
| RoadSound.com / Indie-Rock.net
| Collaborative Online Management And Syndication Tools
|- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - -