Converted SMF to https but links in posts are still http

probeman · August 24, 2018, 11:40:10 AM

I converted our SMF forum to https and it generally all works but links in posts are still http. The host IT guy said he ran the repair settings thing, but many links pasted in posts still show http://.

The gallery images display fine but just the pasted links to other posts within the forum show http://.

Is there a way to globally convert all pasted links that point to other posts in the forum to https:? I could manually go through all the posts and edit them by hand but there are over 6000 of them!

Thanks in advance for helping!

probeman · August 24, 2018, 11:45:14 AM

It's weird. Some links in posts are http:// but work and some (most) don't.

Attachments seem to work and most in line images too, but some images pointing to old pics not in the gallery need to be changed to https://.

Just hoping there's a way to do a global search and replace... for

http://ourwebsite.com/smf/index.php?topic=482.msg2826#msg2826

to

https://ourwebsite.com/smf/index.php?topic=482.msg2826#msg2826

!

probeman · August 24, 2018, 11:52:40 AM

For example, this link works as is:

http://www.ourwebsite.com/download/Calculated%20Alpha%20Binaries.txt

and if I change it to

https://www.ourwebsite.com/download/Calculated%20Alpha%20Binaries.txt

it still works.

But many of the links pasted in posts to other posts inside the forum do not work until they are changed to https://

?

drewactual · August 24, 2018, 11:53:03 AM

did you make an entry in your htaccess to 301 to https?

Chen Zhen · August 24, 2018, 11:55:16 AM

You can try a .htaccess file in your main directory.

Read the info from this reference link:
https://www.name.com/support/articles/115005296088-Redirect-HTTP-to-HTTPS-automatically

Keep in mind that any image links in those posts that contain port 80 (http) will flag a warning in browsers.

drewactual · August 24, 2018, 11:57:02 AM

line one htaccess add:

Code Select

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.YOURDOMAIN.com/$1 [R,L]

drewactual · August 24, 2018, 11:58:31 AM

you ninja'd me, Chen!

probeman · August 24, 2018, 12:40:07 PM

Huh. Our .htaccess file shows this:

Code Select

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

I don't know enough about this stuff to know how this compares to what was posted above...

I should reiterate that the old http:// image links (to the image gallery) work fine.

The issue now is from when someone had pasted a link to another post in the forum from before we switched to https. So the old pasted link to another forum post still has http:// not https://. So we get a 404 page not found error. Once I edit it to https:// it works fine again.

So when I manually edit the old pasted link to https:// it now works. So is there a way to do a search and replace in the forum posts globally?

drewactual · August 24, 2018, 12:55:33 PM

the htaccess provided will translate all approaches from http to https... the only question is if you use www as well? change the part "yourdomain.com" to your domain.. and if RewriteEngine=On has already been declared don't re-declare, or better yet just plop the code on line one of the htaccess and remove any other "RewriteEngine=On" you see.

probeman · August 24, 2018, 01:02:04 PM

Quote from: drewactual on August 24, 2018, 12:55:33 PM
the htaccess provided will translate all approaches from http to https... the only question is if you use www as well? change the part "yourdomain.com" to your domain.. and if RewriteEngine=On has already been declared don't re-declare, or better yet just plop the code on line one of the htaccess and remove any other "RewriteEngine=On" you see.

The pasted links to the forum that produce the 404 error do not have www in them.

The .htaccess file I pasted above is the complete file, so I don't quite follow you.

Please speak to me as though I am an idiot.

drewactual · August 24, 2018, 01:05:56 PM

if there is nothing in your htaccess other than what you showed, replace it with this:

Code Select

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

it is a 301 (permanent redirect) to https from http... it should re-write all attempts to approach http with https and leave the rest intact.

probeman · August 24, 2018, 01:32:06 PM

Quote from: drewactual on August 24, 2018, 01:05:56 PM
if there is nothing in your htaccess other than what you showed, replace it with this:
Code Select Expand
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

it is a 301 (permanent redirect) to https from http... it should re-write all attempts to approach http with https and leave the rest intact.

This looks very scary as I have no idea what this does.

Are the differences that my current .htaccess have compared to what you posted, explain why some some http links get converted to https, but not all links?

drewactual · August 24, 2018, 01:40:08 PM

ALL links that 'are not' https will be sent to https using that script in htaccess. this is the easiest way to migrate a site from non-SSL to SSL after running the repair_setting's file... and it's used primarily so folks who have linked to your page from wherever, be it bookmarks or links in other forums ect, will be translated to https using the 'permanent redirect' function... basically the 301 tells search engines this 'redirect' is permanent not temporary (which would be a 302) so they won't index multiple versions of your page (one page http the other https) and send new visitors on a wild goose chase...

rewrite engine on tells the server just like it says: rewrite what follows
rewrite condition tells the server to rewrite to https
rewrite rule tells it what to write... in this case it will use the base url (and not worry about if it's www or not)...

replace the existing code with this one... see if it works how you want it to... if it does you're golden, if it doesn't simply replace it with what was there. it WILL work, though.

Chen Zhen · August 24, 2018, 01:55:58 PM

I wrote a small tool to help you out.
It will replace all local http to https within the body column entries of your messages table.
(local meaning it only changes your forum link based on $boardurl)

Backup your database prior to using the tool to be safe.
I did test it and all seems to work well.

Install the tool & then uninstall it when complete.

File is attached.

probeman · August 24, 2018, 02:01:41 PM

Quote from: drewactual on August 24, 2018, 01:40:08 PM
ALL links that 'are not' https will be sent to https using that script in htaccess. this is the easiest way to migrate a site from non-SSL to SSL after running the repair_setting's file... and it's used primarily so folks who have linked to your page from wherever, be it bookmarks or links in other forums ect, will be translated to https using the 'permanent redirect' function... basically the 301 tells search engines this 'redirect' is permanent not temporary (which would be a 302) so they won't index multiple versions of your page (one page http the other https) and send new visitors on a wild goose chase...

rewrite engine on tells the server just like it says: rewrite what follows
rewrite condition tells the server to rewrite to https
rewrite rule tells it what to write... in this case it will use the base url (and not worry about if it's www or not)...

replace the existing code with this one... see if it works how you want it to... if it does you're golden, if it doesn't simply replace it with what was there. it WILL work, though.

No it did not work! The main web page still works but the forum will no longer load and instead I get a "The page isn't re-directing properly" and "This problem can sometimes be caused by disabling or refusing to accept cookies".

Then to make matters worse, I replaced the .htaccess file with the original and now I get a 404 error for the entire damn forum!

I am an idiot alright.

Chen Zhen · August 25, 2018, 12:41:06 AM

If the .htaccess is causing a problem due to improper configuration you can delete the file altogether.
You can do this until you get the proper configuration and/or adjust your server software (above the .htaccess level).

Try this for your .htaccess file

rewrites www to non-www and http to https:

Code Select


RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

Although your control panel (ie. CPanel) likely has a setting to force TLS (https) for your domain.
This means it can place a setting within your server software (ie. Apache) that is called prior to the .htaccess file.

Quote
Is there a way to globally convert all pasted links that point to other posts in the forum to https:? I could manually go through all the posts and edit them by hand but there are over 6000 of them!

You should try the tool I previously posted.
It does the task that you originally asked for.

a10 · August 25, 2018, 08:31:15 AM

What I've been using on my domain\forum over the years to force www + https, been doing a perfect job:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [L,R=301]

enter the correct yourdomain.com or .net or .whatever. Good luck.

Kindred · August 26, 2018, 11:03:41 AM

Do note that none of the htaccess solutions pointed out here will actually CHANGE the URLs in messages.
That text will still display as "http" -- it will just RESOLVE to https when clicked.

If you want to change the actual DISPLAYED text to be https, then you will need to do a direct database edit/replace

probeman · August 26, 2018, 11:53:07 AM

Quote from: Chen Zhen on August 25, 2018, 12:41:06 AM
If the .htaccess is causing a problem due to improper configuration you can delete the file altogether.
You can do this until you get the proper configuration and/or adjust your server software (above the .htaccess level).

Try this for your .htaccess file

rewrites www to non-www and http to https:
Code Select Expand
RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] RewriteRule ^(.*)$ http://%1/$1 [R=301,L] RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

Although your control panel (ie. CPanel) likely has a setting to force TLS (https) for your domain.
This means it can place a setting within your server software (ie. Apache) that is called prior to the .htaccess file.

Quote
Is there a way to globally convert all pasted links that point to other posts in the forum to https:? I could manually go through all the posts and edit them by hand but there are over 6000 of them!

You should try the tool I previously posted.
It does the task that you originally asked for.

Thanks. I will talk to the web host IT person next week and I will point out your suggestions to them. I don't feel qualified to run a script on the databases myself.

By the way, when I replaced the .htaccess file as suggested by drewactual and the site stopped working it was apparently due to me needing to "clear the cookies" on my end.

a10 · August 26, 2018, 04:15:41 PM

Got the point about original question (http within posts), Personally also had a plan for replacing the (10.000's) http (export _messages table, search\replace in notepad++, import), but ditched the idea as with a well working htaccess it'll all be https in practice.

That was very long ago and haven't given it a thought since. But may have missed something, is there any real important reason for, or gain by, adding the 's' ?

News:

Converted SMF to https but links in posts are still http