SSL certificate for smf 2.0.14

engrz · August 29, 2017, 04:29:33 AM

im trying to buy ssl certificate for my forum, but my host said that my website goes offline for 48 hours until successful working of ssl. is there any way to buy/use ssl without down time of website?

@rjen · August 29, 2017, 04:34:48 AM

Strange comment.

When I actived SSL my forum was still on http and working, nothing goes offline. Only after I had confirmation that the Certificate was activated I changed my forum to https and activated the https redirect in the .htaccess file: no downtime...

Dzonny · August 29, 2017, 04:39:55 AM

Yeah, as far as I'm aware there shouldn't be downtime at all.

a10 · August 29, 2017, 06:25:34 AM

Strange indeed. Got ssl some time ago, zero downtime (of course), and access using either http or https worked fine (later added .htaccess redirect to force https). No problems.

engrz · August 29, 2017, 06:45:06 AM

Quote from: a10 on August 29, 2017, 06:25:34 AM
Strange indeed. Got ssl some time ago, zero downtime (of course), and access using either http or https worked fine (later added .htaccess redirect to force https). No problems.

so i dont care about their comments, may i process to buy ssl? and it doesent matter after buying ssl, users use it with http?

a10 · August 29, 2017, 07:34:11 AM

...may be that... they refered to time before the certificate being 'active', so the site would not work immediatley using https. But without any .htaccess redirect, http should still work like nothing has happened (was the behaviour on my site).

IMO, ask the host why they need to \ want to kill non-ssl (http) for 48 hours.

Edit: took approx 1 hour to get the ssl active, and http worked all along. From host control panel:

QuoteWhen you enable SSL for the first time, it takes up to 90 minutes before the certificate is installed and working

engrz · August 29, 2017, 07:48:16 AM

I have sent them an email to ask, why they are going to kill http?

The other thing I want to ask, at this time my site also work with Https. Here is URL https://www.engrz.org

Do I still need to buy SSL?

a10 · August 29, 2017, 07:57:10 AM

^^^certainly https already works, certificate from 9 august. Ask the host what's going on :O)
Related to cloudflare ? See attach. You may just need a .htaccess redirect and it's all done.

engrz · August 29, 2017, 08:10:44 AM

My host replied that the SSL is already installed, no need to buy another.

But in browser, when I access site it shows connection is not secure.

d3vcho · August 29, 2017, 08:22:24 AM

Do you have the image proxy enabled?

a10 · August 29, 2017, 08:30:12 AM

QuoteMy host replied that the SSL is already installed, no need to buy another

How come they didn't inform earlier :O)

QuoteBut in browser, when I access site it shows connection is not secure.

Partly not secure, images. Need to set https paths (repair_settings.php) + "Enable Image Proxy" in forum server settings + .htaccess redirect. And a backup before starting :O)

engrz · August 29, 2017, 09:09:40 AM

Just enabled the image proxy. What to setup through repair_settings.php?

shawnb61 · August 29, 2017, 09:41:31 AM

This guide may help you step thru the whole process:
https://www.simplemachines.org/community/index.php?topic=555034.0

engrz · August 29, 2017, 09:56:26 AM

Thank you for the guidance, i just replaced the path with https:// as suggested in guide and also image proxy is enabled. but still showing unsecure, part of the domain is not secure.

Dzonny · August 29, 2017, 09:58:00 AM

You are pulling logo image from unsecure connection:

Code Select

http://www.engrz.org/gallery/1_17_07_16_7_17_22.png

a10 · August 29, 2017, 10:02:57 AM

:O) yes, needs a little detective work at the end, to find the last hidden gremlins. Good luck, nearly there.

engrz · August 29, 2017, 10:38:44 AM

wow... The connection is finally secure.

Thank you for such a nice support.

Dzonny · August 29, 2017, 10:50:03 AM

Always a pleasure to help

I'm marking this topic as solved.

engrz · August 29, 2017, 10:55:24 AM

unable to post any topic or post reply. when replying to any topic, it redirects to blank post.

see attachment

Dzonny · August 29, 2017, 11:06:15 AM

Are you sure that you followed all written here:
https://www.simplemachines.org/community/index.php?topic=555034.0
Please make sure that your paths are correct.

engrz · August 29, 2017, 11:13:45 AM

Quote from: Dzonny on August 29, 2017, 11:06:15 AM
Are you sure that you followed all written here:
https://www.simplemachines.org/community/index.php?topic=555034.0
Please make sure that your paths are correct.

yes, everything is double checked, but still same.

Dzonny · August 29, 2017, 12:38:27 PM

You have htaccess redirection, and repair_settings.php used to fix all paths?

engrz · August 30, 2017, 05:06:44 AM

Quote from: Dzonny on August 29, 2017, 12:38:27 PM
You have htaccess redirection, and repair_settings.php used to fix all paths?

i just removed lines from htaccess as suggested in guide. now i can post and reply but the sites are not redirected automatically.

aegersz · August 30, 2017, 06:02:50 AM

if you use apache then you have to AllowOverride:

<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
</Directory>

in your httpd.conf and restart httpd ... it then accepts your .htaccess - I had to do that.

this is all i have in my .htaccess (in /var/www/html):

# redirect all http to https
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://forum.drugs-and-users.org/$1 [R=301,L]

your system may not be like mine but I found that apache, straight out of the box, did not honour .htaccess. speak with your administrator and that is you then google around some of my suggestions.

I realise that your .htaccess is being processed but I am posting this for other people too.

do this BEFORE running repair_settings.php and if all is well then you will see https:// in all the suggested paths.

engrz · September 01, 2017, 11:57:04 AM

Quote from: aegersz on August 30, 2017, 06:02:50 AM
if you use apache then you have to AllowOverride:

<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
</Directory>

in your httpd.conf and restart httpd ... it then accepts your .htaccess - I had to do that.

this is all i have in my .htaccess (in /var/www/html):

# redirect all http to https
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://forum.drugs-and-users.org/$1 [R=301,L]

your system may not be like mine but I found that apache, straight out of the box, did not honour .htaccess. speak with your administrator and that is you then google around some of my suggestions.

I realise that your .htaccess is being processed but I am posting this for other people too.

do this BEFORE running repair_settings.php and if all is well then you will see https:// in all the suggested paths.

i run repair_setting.php and it works fine, but https not working from mobile while replying to new post or creating new topic. and the new user coming from google is coming on http not https.

aegersz · September 01, 2017, 04:55:17 PM

try another browser like Firefox.

Chrome didn't honour https when I went to my SSL enabled webmin.

Clear your browser's cache too.

engrz · September 02, 2017, 10:20:41 AM

Quote from: aegersz on September 01, 2017, 04:55:17 PM
try another browser like Firefox.

Chrome didn't honour https when I went to my SSL enabled webmin.

Clear your browser's cache too.

On firefox, when i reply to any topic it gives a popup message to confirm that are you sure you are sending this information? and on mobile nothing works when i click on post. but when i edit url and remove "s" from https, it works fine.

lurkalot · September 02, 2017, 11:02:53 AM

Think you also have some calls to unsecure scripts hidden in there, this one for example.

Code Select

http://platform-api.sharethis.com/js/sharethis.js

a10 · September 02, 2017, 11:10:46 AM

Quote from: lurkalot on September 02, 2017, 11:02:53 AM
Think you also have some calls to unsecure scripts hidden in there

Yes, also had to do some final cleanup to get the full https, for example found a http googleapis.com hidden :O)

engrz · September 02, 2017, 11:32:26 AM

I have changed all outer links such as google ads, share links, counter links and outer images.

lurkalot · September 02, 2017, 11:52:04 AM

Quote from: engrz on September 02, 2017, 11:32:26 AM
I have changed all outer links such as google ads, share links, counter links and outer images.

I see you've now changed it. Now at least it's not giving a "Only secure content is displayed message" And firefox is reporting as secure and not blocking any content. Just the redirect to sort out now then.

engrz · September 02, 2017, 12:02:55 PM

Quote from: lurkalot on September 02, 2017, 11:52:04 AM
Quote from: engrz on September 02, 2017, 11:32:26 AM
I have changed all outer links such as google ads, share links, counter links and outer images.

I see you've now changed it. Now at least it's not giving a "Only secure content is displayed message" And firefox is reporting as secure and not blocking any content. Just the redirect to sort out now then.

Yes i have changed now, but i still dont see any changes on firefox, it is still showing red dot.

lurkalot · September 02, 2017, 12:12:47 PM

Quote from: engrz on September 02, 2017, 12:02:55 PM
Quote from: lurkalot on September 02, 2017, 11:52:04 AM
Quote from: engrz on September 02, 2017, 11:32:26 AM
I have changed all outer links such as google ads, share links, counter links and outer images.

I see you've now changed it. Now at least it's not giving a "Only secure content is displayed message" And firefox is reporting as secure and not blocking any content. Just the redirect to sort out now then.

Yes i have changed now, but i still dont see any changes on firefox, it is still showing red dot.

https://www.engrz.org/ shows secure in my Firefox.

aegersz · September 02, 2017, 06:03:03 PM

your redirect isn't working.

are you sure that it is in the right directory ?

what do you use as a Webserver ?

please post your .htaccess here and read this: http://smartwebdeveloper.com/apache/htaccess-problems

or it could be this:

Multiple .htaccess files may be read and applied if a web request is made to a file in nested directories. Typically all .htaccess files in the path between the website's root directory and the requested file's directory will be read and applied in order. As a result, an htaccess file in a more deeply nested directory can override the settings made by an htaccess in a higher directory.

Is there another .htaccess file in another directory in the path to your webpage? That htaccess file the may be overriding the settings in the htaccess you're looking at.

On Mac, Linux & Unix, you can find all .htaccess files on your website in the terminal:

find /path/to/website/root -iname .htaccess -print

engrz · September 03, 2017, 04:56:49 AM

Quote from: aegersz on September 02, 2017, 06:03:03 PM
your redirect isn't working.

are you sure that it is in the right directory ?

what do you use as a Webserver ?

please post your .htaccess here and read this: http://smartwebdeveloper.com/apache/htaccess-problems

or it could be this:

Multiple .htaccess files may be read and applied if a web request is made to a file in nested directories. Typically all .htaccess files in the path between the website's root directory and the requested file's directory will be read and applied in order. As a result, an htaccess file in a more deeply nested directory can override the settings made by an htaccess in a higher directory.

Is there another .htaccess file in another directory in the path to your webpage? That htaccess file the may be overriding the settings in the htaccess you're looking at.

On Mac, Linux & Unix, you can find all .htaccess files on your website in the terminal:

find /path/to/website/root -iname .htaccess -print

I'm using two domains on one account, each domain have separate.htaccess so I modified engrz.org .htaccess but that was causing problems so I saved as it was old.

Now the problem is when I post reply from mobile, nothing works on https but when I remove s and use http it works fine.

News:

SSL certificate for smf 2.0.14