Announcement

Collapse
No announcement yet.

https:// ?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • [Resolved] https:// ?

    Hello!

    please, I have the following problem: the forum address https: // <address> returns a totally unconfigured forum page.
    however, with the address http: // <address>, the returned page is normal.

    so that the address https: // <address> also returns a perfect page the change is made in admincp:
    admincp >> settings >> options >> "Site Name / URL / Contact Details" and put https: // under "vBulletin URL", "Login URL" and "Core URL" and select YES under "HTTPS terminates before the webserver "

    Is that correct? Do I need to make another change in admincp?

    and for automatic redirection to the https: // page when entering the forum address in the browser? Where should I change?
    I'm using version 5.5.0.

    thank you!

  • #2
    Is your web server behind a load balancer that doesn't forward https? If not, then "HTTPS terminates before the webserver" should be no.

    You would redirect from http to https at the server level. There is code in the provided .htaccess file but it is commented out. Review that file and read the comments for instructions.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud customization and demonstration site.
    vBulletin 5 Documentation - Updated every Friday. Report issues here.
    vBulletin 5 API - Full / Mobile
    I am not currently available for vB Messenger Chats.

    Comment


    • #3
      Okay, thanks, Wayne!

      the server does not have a load balancer. so I left this option as NO. right?

      the .htacess file (/ forum) did not have the lines for the redirect. I found these lines in htaccess.txt and copied them to the .htaccess file. I copied these lines:
      #To redirect users to the secure version of your site, uncomment the lines below
      #RewriteCond %{HTTPS} !=on
      #RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

      I removed the comments from the last two lines. right?

      what happened:
      - addresses with or without www are directed to https: //. all right at this point;
      - despite https: // and the valid certificate, there is still information that the connection to the site is not completely secure. what remains to be done for the browser to consider the site secure?
      interesting that when I access adminccp, the browser considers this page safe ...

      thank you!

      Comment


      • #4
        Originally posted by -=|zami|=- View Post
        Okay, thanks, Wayne!

        the server does not have a load balancer. so I left this option as NO. right?

        the .htacess file (/ forum) did not have the lines for the redirect. I found these lines in htaccess.txt and copied them to the .htaccess file. I copied these lines:
        #To redirect users to the secure version of your site, uncomment the lines below
        #RewriteCond %{HTTPS} !=on
        #RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

        I removed the comments from the last two lines. right?

        what happened:
        - addresses with or without www are directed to https: //. all right at this point;
        - despite https: // and the valid certificate, there is still information that the connection to the site is not completely secure. what remains to be done for the browser to consider the site secure?
        interesting that when I access adminccp, the browser considers this page safe ...

        thank you!
        Everything on a page needs to be https for the site be seen as secure.

        So if you have any embedded images that use http, for example, you'll need to edit these and either change them to https, or remove them completely.
        MARK.B | vBULLETIN SUPPORT

        TalkNewsUK - My vBulletin 5.5.2 Demo
        AdminAmmo - My Cloud Demo

        Comment


        • #5
          Originally posted by Mark.B View Post
          So if you have any embedded images that use http, for example, you'll need to edit these and either change them to https, or remove them completely.
          Or you can block mixed content to prevent non-https user-generated content (e.g. images) to break https on your site.

          https://vbmods.rocks/forum/vbulletin...t-ssl-breaking



          GIPHY for vB5 AutoLinker Social Icons in Postbit Like Counts on Postbit Clear Cache Cron DragDrop Upload Topic AJAX AutoUpdate Custom Avatars Selector Stop Links in Posts ...and more!

          Comment


          • #6
            Great tip Mark!
            resolved!

            thank you very much!

            Comment


            • #7
              Originally posted by Glenn Vergara View Post
              Or you can block mixed content to prevent non-https user-generated content (e.g. images) to break https on your site.

              https://vbmods.rocks/forum/vbulletin...t-ssl-breaking

              Thank you Glenn! had not seen his message.

              but from what I read in the link, that solution is not supported by IE, correct?

              Comment


              • #8
                Originally posted by -=|zami|=- View Post
                but from what I read in the link, that solution is not supported by IE, correct?
                IE is no longer an active development project.

                Translations provided by Google.

                Wayne Luke
                The Rabid Badger - a vBulletin Cloud customization and demonstration site.
                vBulletin 5 Documentation - Updated every Friday. Report issues here.
                vBulletin 5 API - Full / Mobile
                I am not currently available for vB Messenger Chats.

                Comment


                • #9
                  Originally posted by -=|zami|=- View Post
                  but from what I read in the link, that solution is not supported by IE, correct?
                  Correct but it's still good to use for the rest of the modern browsers.

                  IE11 usage is low and it will soon be dead. Do you still care for IE browser? Do you have a lot of IE11 users?

                  GIPHY for vB5 AutoLinker Social Icons in Postbit Like Counts on Postbit Clear Cache Cron DragDrop Upload Topic AJAX AutoUpdate Custom Avatars Selector Stop Links in Posts ...and more!

                  Comment


                  • #10
                    hello, Glenn!

                    IE users represent only 1% today. I think the code is worth inserting.

                    thank you!

                    Comment


                    • #11
                      Yeah. Especially that a new security flaw is recently discovered on IE.

                      https://www.engadget.com/2019/04/14/...aling-exploit/

                      GIPHY for vB5 AutoLinker Social Icons in Postbit Like Counts on Postbit Clear Cache Cron DragDrop Upload Topic AJAX AutoUpdate Custom Avatars Selector Stop Links in Posts ...and more!

                      Comment


                      • #12
                        Internet Explorer should only be used in enterprise settings when required for proprietary apps and there is no workaround. This is the actual guidance from Microsoft. If you're on Windows 10, you should use Chrome, Firefox, Edge, or one of the dozen Chromium variants available. If you're on Windows 7, 8, or 8.1 still, then you should use Chrome, Firefox, or one of the dozen Chromium variants available.

                        Later this year or early next year, Edge should be available for Windows 7, 8, and 8.1. After it is rebuilt as a Chromium variant.
                        Translations provided by Google.

                        Wayne Luke
                        The Rabid Badger - a vBulletin Cloud customization and demonstration site.
                        vBulletin 5 Documentation - Updated every Friday. Report issues here.
                        vBulletin 5 API - Full / Mobile
                        I am not currently available for vB Messenger Chats.

                        Comment


                        • #13
                          Thank you, Wayne!
                          I didn't know that!

                          Comment

                          Related Topics

                          Collapse

                          Working...
                          X