Announcement

Collapse
No announcement yet.

http to https question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • [Forum] http to https question

    Hi, I'm currently going to change over from http to https for the forum itself. I assume once the IP configures within 24 to 48 hours, I just change the URLs in my admincp to "https" instead of "http"? I also have a find/replace script to run on the domain.com/findreplace.php which finds all traces of "http" and changes it to "https" for me. The question is, I don't use the "www" at all in on my site. Now, for the mod-rewrite in htaccess .. how would I force all users to use the "https" properly? As I'm sure most of my links in google and other search engines already list it all with the "http". Hence a redirect, but...to make sure all my users are redirected properly.. what should I do. I also have the no hotlink protection on my domain as well. Here below is my current .htaccess. How would I revamp it, to make sure everything is carried over from "http" to "https"? Notice the first rule, is to redirect www to domain.com itself. So how would I adjust the first "rule"? Anything normal "http" to "https" even if including the "www" to go to "https://mydomain.com"? I just want to make sure all of this correct though. I guess in the last rule at bottom of page, just change the "http"s to "https"? And find/replace all "http" in database and change them to "https"?

    Code:
    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^www.mydomain.com$ [NC]
    RewriteRule ^(.*)$ http://mydomain.com/$1 [R=301,L] 
    
    # This file is only needed if you have set the Forum Component URL in your admincp and you are 
    # using the mod_rewrite option for friendly urls.  If this is the case, copy this file
    # to your forum component stub directory.
    
    # If you are having problems or are using VirtualDocumentRoot, uncomment this line and set it to your forum component directory.
    # RewriteBase /forum-stub-directory/
    
    # If you are having problems with the rewrite from content/ to content.php, uncomment this line to turn MultiViews off.
    # Options -MultiViews
    
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    
    RewriteRule ^.*$ - [NC,L]
    
    # Forum
    RewriteRule ^threads/.* showthread.php [QSA]
    RewriteRule ^forums/.* forumdisplay.php [QSA]
    RewriteRule ^members/.* member.php [QSA]
    
    RewriteEngine On
    RewriteRule ^((urllist|sitemap).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]
    
    ### THIS IS A LITTLE EXTRA SECURITY AND CAN BE REMOVED
    
    RewriteRule ^includes/(.*) index.php
    RewriteRule ^vb/(.*) index.php
    RewriteRule ^packages/(.*) index.php
    
    order deny,allow
    deny from 80.237.206.93
    deny from rst.void.ru
    deny from 154.35.47.59
    deny from 201.1.102.82
    deny from 202.182.168.102
    deny from 81.192.36.175
    deny from 208.110.21.130 
    deny from 81.214.167.229
    deny from geo.ya.com
    deny from dot.hazard.free.fr
    deny from www.sky-hq.net
    deny from sky-hq.net
    deny from barikat.org
    deny from 81.35.151.90
    deny from xargonu.evonet.ro
    deny from 85.214.59.14
    deny from Hackeriz.com 
    deny from hackhaber.com
    deny from 85.103.235.210
    deny from 212.175.219.40
    deny from 85.103.109.37
    deny from 62.68.196.25
    deny from 209.25.148.220
    deny from iahc.net
    deny from 72.36.139.90
    deny from 5dma4arb.com
    deny from 66.45.237.220
    deny from xorow.t35.com
    deny from av3.net
    deny from dion.ne.jp
    deny from fsurf.com
    deny from geo.yah.com
    deny from proxify.net
    deny from www.fetchfido.co.uk
    deny from fetchfido.co.uk
    deny from fetchfido.com
    deny from xargonu.vo
    deny from zed1.com
    deny from 59.138.70.148
    deny from 64.110.104.133
    deny from 154.35.47.59
    deny from 62.135.105.216
    deny from 81.24.26.152
    deny from 196.217.249.162
    deny from www.stardefacer.org
    deny from 85.141.153.155
    deny from 85.140.0.0/15
    deny from 196.217.0.0/16
    deny from 80.187.107.183
    allow from all 
    
    <Files 403.shtml>
    order allow,deny
    allow from all
    </Files>
    
    deny from 94.75.121.141
    deny from 87.242.25.247
    RewriteCond %{HTTP_REFERER} !^http://mydomain.com/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://mydomain.com$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.mydomain.com$      [NC]
    RewriteRule .*\.(jpg|jpeg|gif|png|bmp|swf)$ http://mydomain.com/ [R,NC]
    I just want to make sure people are redirected from like:
    http://www.mydomain.com to https://mydomain.com
    and
    http://mydomain.com to https://mydomain.com

  • #2
    What the hell? I changed everything in the database from http to https... and now no forums are showing up at all.. and getting this error?
    Warning: Invalid argument supplied for foreach() in [path]/includes/functions.php on line 4442

    Please help

    Comment


    • #3
      Also, per http to https changes and redirects.. the forums and etc are invalid/cannot be found.. any suggestions?

      Comment


      • #4
        Okay, I've updated the counters and etc. the forums are back and etc. just the redirects need tweaked. the permalinks for forums aren't working yet, it gives me invalid message when clicking on forum urls...

        Comment


        • #5
          # Forum
          RewriteRule ^threads/.* showthread.php [QSA]
          RewriteRule ^forums/.* forumdisplay.php [QSA]
          RewriteRule ^members/.* member.php [QSA]

          RewriteEngine On
          RewriteRule ^((urllist|sitemap).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]

          I need this to reflect https and not http, everything http is going to https now all other pages work.. just not forums and stuff.. all pages work, just not going to the forums themselves and etc. all other stuff works though.

          Comment


          • #6
            Links to your forums aren't working? Can we get a link to your site?

            Comment


            • #7
              Sure Bird. I changed the permalinks though via admincp to ones that work though. The mod-rewrite ones in htaccess gave invalid messages. So I just went with a change in admincp. However, most KNOW of my threads and bookmarked the URLS i had before though.. I just need to make sure they're redirected properply. All other URLS on the forum worked after going from http to https.. just not the custom ones:


              Code:
              # If you are having problems with the rewrite from content/ to content.php, uncomment this line to turn MultiViews off. # Options -MultiViews  RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d  RewriteRule ^.*$ - [NC,L]  # Forum RewriteRule ^threads/.* showthread.php [QSA] RewriteRule ^forums/.* forumdisplay.php [QSA] RewriteRule ^members/.* member.php [QSA]  RewriteEngine On RewriteRule ^((urllist|sitemap).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]
              The site is; https://feetfotos.com

              Comment


              • #8
                That mean you are always forced all to https but non/without www or just only domain name right?

                Code:
                # Always Forced www to non www and go to https
                RewriteCond %{HTTP_HOST} ^www.(.+)$ [NC]
                RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
                
                # Always Forced http to https
                RewriteCond %{HTTPS} off
                RewriteCond %{SERVER_PORT} 80
                RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
                Just share
                this my .htaccess code:

                Code:
                RewriteEngine on
                
                # Always Forced www to no www and go to https
                RewriteCond %{HTTP_HOST} ^www.(.+)$ [NC]
                RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
                
                
                # Always Forced http to https
                RewriteCond %{HTTPS} off
                RewriteCond %{SERVER_PORT} 80
                RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
                
                # If you are having problems or are using VirtualDocumentRoot, uncomment this line and set it to your vBulletin directory.
                # RewriteBase /forum/
                
                # If you are having problems with the rewrite from content/ to content.php, uncomment this line to turn MultiViews off.
                # Options -MultiViews
                
                RewriteCond %{REQUEST_FILENAME} -f [OR]
                RewriteCond %{REQUEST_FILENAME} -l [OR]
                RewriteCond %{REQUEST_FILENAME} -d
                
                RewriteRule ^.*$ - [NC,L]
                
                
                # Forum
                RewriteRule ^threads/.* showthread.php [QSA]
                RewriteRule ^forums/.* forumdisplay.php [QSA]
                RewriteRule ^members/.* member.php [QSA]
                RewriteRule ^blogs/.* blog.php [QSA]
                RewriteRule ^entries/.* entry.php [QSA]
                
                RewriteCond %{REQUEST_FILENAME} -f [OR]
                RewriteCond %{REQUEST_FILENAME} -l [OR]
                RewriteCond %{REQUEST_FILENAME} -d
                
                 RewriteRule ^.*$ - [NC,L]
                
                
                # MVC
                RewriteRule ^(?:(.*?)(?:/|$))(.*|$)$ $1.php?r=$2 [QSA]
                RewriteRule ^widget/config/([0-9]+) widget.php?r=config/$1&%{QUERY_STRING}
                
                # Check MVC result
                RewriteCond %{REQUEST_FILENAME} -f
                RewriteRule ^(.*)$ - [NC,L]
                RewriteRule ^(.*)$ - [R=404,L]
                Last edited by GhoHan; Sat 5th Nov '11, 11:30am.

                Comment


                • #9
                  I guess what I need then is an example of a thread URL that isn't working. From your first post I thought you mean links to your forums weren't working, but they are.

                  Comment


                  • #10
                    Sorry guys for the late response, been busy with home life. I thought these issues were fixed already by outside help. But apparently not. I've only had one complaint by a member since I've done this transformation of urls. Here's the screenshots he's given. He's using IE browser, which is odd though, because usually IE browser lets ANYTHING through and working... even spam, hackers, bad html/xhtml codes and the like. It don't make sense. Maybe he has some IE plugin installed preventing this?

                    Click image for larger version

Name:	security warning.jpg
Views:	2
Size:	58.5 KB
ID:	3685945Click image for larger version

Name:	log-in eror.jpg
Views:	2
Size:	82.5 KB
ID:	3685946

                    He's the only fellow having this issue so far. No one else reported this...? All he wrote through this transformation is below here in quotes.

                    Just a lil heads up... not sure if this is happening for everyone or just me... but everytime i go from one page to another IE pops up a security warning and i have to click yes/no to continue.
                    Incase i'm only one use'n IE8, here's a screen cap of it.

                    Click image for larger version

Name:	security warning.jpg
Views:	2
Size:	58.5 KB
ID:	3685945

                    That's good and all, but mayhaps I wasn't clear on what I was trying to say. On other sites, I might get that warning on just their first page, and not when I goto other pages within that site. Here however, every time I go from one page to the next, I get that poping up warning. It makes it very difficult (not to mention anoying) to go from post to post. I can't be the only IE8 user here having that problem.

                    BTW, tried loging out and back in, but that not fix it
                    It's been a couple days since i had the chance to log in here, but i'm still getting the same security message. I guess i'll just have to try and see if there's a away from my end to turn that off for just this site?

                    On a similar note... when i did log in today, i got this message from the board...
                    Click image for larger version

Name:	log-in eror.jpg
Views:	2
Size:	82.5 KB
ID:	3685946
                    [ATTACH=CONFIG]106[/ATTACH]
                    My htaccess file is:
                    Code:
                    RewriteEngine on
                    RewriteCond %{HTTPS} off
                    RewriteRule ^/$ https://feetfotos.com/ [R,L]
                    
                    
                    # This file is only needed if you have set the Forum Component URL in your admincp and you are 
                    # using the mod_rewrite option for friendly urls.  If this is the case, copy this file
                    # to your forum component stub directory.
                    
                    # If you are having problems or are using VirtualDocumentRoot, uncomment this line and set it to your forum component directory.
                    # RewriteBase /forum-stub-directory/
                    
                    # If you are having problems with the rewrite from content/ to content.php, uncomment this line to turn MultiViews off.
                    # Options -MultiViews
                    
                    RewriteCond %{REQUEST_FILENAME} -f [OR]
                    RewriteCond %{REQUEST_FILENAME} -l [OR]
                    RewriteCond %{REQUEST_FILENAME} -d
                    
                    RewriteRule ^.*$ - [NC,L]
                    
                    # Forum
                    RewriteRule ^threads/.* showthread.php [QSA]
                    RewriteRule ^forums/.* forumdisplay.php [QSA]
                    RewriteRule ^members/.* member.php [QSA]
                    
                    RewriteEngine On
                    RewriteRule ^((urllist|sitemap).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]
                    
                    ### THIS IS A LITTLE EXTRA SECURITY AND CAN BE REMOVED
                    
                    RewriteRule ^includes/(.*) index.php
                    RewriteRule ^vb/(.*) index.php
                    RewriteRule ^packages/(.*) index.php
                    
                    order deny,allow
                    deny from 80.237.206.93
                    deny from rst.void.ru
                    deny from 154.35.47.59
                    deny from 201.1.102.82
                    deny from 202.182.168.102
                    deny from 81.192.36.175
                    deny from 208.110.21.130 
                    deny from 81.214.167.229
                    deny from geo.ya.com
                    deny from dot.hazard.free.fr
                    deny from www.sky-hq.net
                    deny from sky-hq.net
                    deny from barikat.org
                    deny from 81.35.151.90
                    deny from xargonu.evonet.ro
                    deny from 85.214.59.14
                    deny from Hackeriz.com 
                    deny from hackhaber.com
                    deny from 85.103.235.210
                    deny from 212.175.219.40
                    deny from 85.103.109.37
                    deny from 62.68.196.25
                    deny from 209.25.148.220
                    deny from iahc.net
                    deny from 72.36.139.90
                    deny from 5dma4arb.com
                    deny from 66.45.237.220
                    deny from xorow.t35.com
                    deny from av3.net
                    deny from dion.ne.jp
                    deny from fsurf.com
                    deny from geo.yah.com
                    deny from proxify.net
                    deny from www.fetchfido.co.uk
                    deny from fetchfido.co.uk
                    deny from fetchfido.com
                    deny from xargonu.vo
                    deny from zed1.com
                    deny from 59.138.70.148
                    deny from 64.110.104.133
                    deny from 154.35.47.59
                    deny from 62.135.105.216
                    deny from 81.24.26.152
                    deny from 196.217.249.162
                    deny from www.stardefacer.org
                    deny from 85.141.153.155
                    deny from 85.140.0.0/15
                    deny from 196.217.0.0/16
                    deny from 80.187.107.183
                    deny from 94.75.121.141
                    deny from 87.242.25.247
                    allow from all 
                    
                    <Files 403.shtml>
                    order allow,deny
                    allow from all
                    </Files>
                    
                    
                    RewriteCond %{HTTP_REFERER} !^https?://feetfotos.com/.*$ [NC]
                    RewriteCond %{HTTP_REFERER} !^https?://feetfotos.com$ [NC]
                    RewriteCond %{HTTP_REFERER} !^https?://www.feetfotos.com/.*$ [NC]
                    RewriteCond %{HTTP_REFERER} !^https?://www.feetfotos.com$ [NC]
                    RewriteRule .*\.(jpg|jpeg|gif|png|bmp|swf)$ https://feetfotos.com/ [R,NC]
                    I don't think it's so much thread or post issues though, if you need thread or post examples.. You can easily check those out in my "welcome to feetfotos section/ category" ... as they're viewable by "guests".
                    https://feetfotos.com/forums/3-Welcome-to-Feet-Fotos

                    Just not sure why one of my guys is having issues. Especially with IE browser. Usually IE lets anything through without issues. LOL Notice in the one screen cap though, the version of vBulletin, the times, are all "coded", not displaying the actual times and dates and versions of vBulletin....in the footer. The last screen cap given.
                    Last edited by spencerp; Fri 11th Nov '11, 10:22pm.

                    Comment


                    • #11
                      I would ask him to reset his browser settings to default in IE- he might be using some custom settings or a higher-than-normal security level for web pages.

                      Comment

                      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                      Working...
                      X