Does SMF 2.0.9 support SSL/HTTPS?

[PersianForum]

Hi

Does SMF 2.0.9 support SSL/HTTPS?

Thanks

[JBlaze]

Yes, it does. However, if you had previously installed your forum using HTTP, then you will need to run repair_settings.php to configure all URLs to use HTTPS (What is repair_settings.php?)

[PersianForum]

Yes, it does. However, if you had previously installed your forum using HTTP, then you will need to run repair_settings.php to configure all URLs to use HTTPS (What is repair_settings.php?)

Thanks, I'll try.

[PersianForum]

It works, thanks.

But, a shield icon Insecure content shield icon appearing in the address bar!
Google Chrome said This page includes script from unauthenticated sources

what can i do?

[JBlaze]

It works, thanks.

But, a shield icon Insecure content shield icon appearing in the address bar!
Google Chrome said This page includes script from unauthenticated sources

what can i do?

In order to make that message disappear, all links and media on your forum must also be HTTPS. There isn't an easy way to do that without self-hosting all media content and forcing all links to be run through a redirect script, or by forcing all links and media to be served via HTTPS.

[Arantor]

Link to the site would be useful to see exactly which content is insecure and to help us help you fix it.

[PersianForum]

Thank you for helping us.
https :// forum.reviewsofbooksinpersian .com is our Persian forum.

[Arantor]

Well, you're including jQuery from ajax.googleapis.com for something, and it's using the HTTP not HTTPS version.

Looks to me like it's the Like Posts mod trying to load jQuery without conflicts and isn't HTTPS aware.

Additionally, you have a *second* copy of jQuery being loaded every page up in the top of the theme, that one is loading jQuery 1.7.1 again not from HTTPS. Looks like that one is related to something that adjusts a fade effect on the menu.

[PersianForum]

I uninstalled all modifications but the problem is still exist!
I don't know what The jQuery (our problem) is!

How can I solve this problem?

[Kindred]

possibly, your theme may be using jquery...

your solution is going to have to be --track down what is calling jQuery and either fix it or remove it

uninstall all mods, set the default theme...
confirm that https works as expected
install the theme(s)
confirm after each theme
install the mod(s)
confirm after each mod


However, as has already been mentioned, if you allow users to post images or other linked content - you are going to run into the same problem in those posts.

[Arantor]

Yes, your theme is still using jQuery for the menu.

[PersianForum]

Thanks again.

My friends, it's a bug of those themes.
if you download them, you will see the jQuery in their index.template.php

• blue color
• Bluez
• Red Sample

I want to edit those  index.template.php and add https manually

what's your idea? 

[PersianForum]

I delete jQuery from those index.template.php
Surprisingly those themes work without problem!

jQuery address: https:// ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

[Arantor]

Nah, it just throws a JavaScript error if you do that since $ is no longer defined...

[Nirose]

Hi guys,

i've changed the board url, theme urls and also ran repair settings to change most of http links to https but the while browsing the site. the board links and topic links still haven't changed to  "https".

For example, i'm browsing my site on https and everything works but the board urls still point to "http". so i'm directed to a unsecured page. This is the same with posting, i can go to the https url to post but it redirects to the "http".

Is this issue with theme. i also have pretty urls so i'm not sure.

The site is https://jucktion.com

Thanks

[margarett]

Disable Pretty URLs and try.

Links inside posts should still point to the "old" address as those were user-typed and there is no relation between them and the forum URL.

SMF's own links, though, should use $scripturl and THAT was corrected by repair_settings

@Illori, he said that he used repair_settings already

[Illori]

@Illori, he said that he used repair_settings already

i missed that, post removed.

[Nirose]

Disable Pretty URLs and try.

Links inside posts should still point to the "old" address as those were user-typed and there is no relation between them and the forum URL.

SMF's own links, though, should use $scripturl and THAT was corrected by repair_settings

@Illori, he said that he used repair_settings already

I'm not talking about the user posts. i'm talking about the topic links inside boards and board links in the index page. And i think i missed the correct forum link. It's https://jucktion.com/forum/

So, i should disable pretty urls, see if the links are pointed to https:// then re-enable pretty urls?

would this have any effects to links, it would be good if the current links don't end up with the 404 errors after the transition.

[Kindred]

you should actually post in the support topic dedicated to supporting the prettyurls mod...   I am fairly certain that the author of the mod would be the best one to assist you (and yes, this is almost certainly caused by the prettyurls mod, which is not, by default, configured to use https).

[nsno]

appreciate this is an old post, but would using the word censor to replace http:// with https:// work?

I realise that would break a few images that users post, but that's not really a big problem is it?  they'll find a way around it once it's explained....