Default to https and SSL

[Plantje]

I got the request to install an SSL certificate. I contacted my host (one.com) and they said they could enable SSL on both of the websites I am running and so they did.

Do I need to do something else to have an SSL certificate? Or is this ok now?

Does an SSL certificate mean HTTPS access is possible? Or is that something completely different?

Now I added the following to the .htaccess of both sites:
#Rewrite everything to https
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

However, the redirect doesn't seem to work. Is something wrong with it?

I am running:
www.vliegvissers.nl/SMForum/index.php
www.vliegvissers.com/SMForum/index.php

If I go to https://www.vliegvissers.nl/SMForum/index.php it shows me parts of the website are not secure.

[Illori]

take a look at https://www.simplemachines.org/community/index.php?topic=555034.0 as a start.

[Plantje]

Thanks! Looks like a good start!

[a10]

This works (for my site) on one.com, force www + https

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.sitename\.net$ [NC]
RewriteRule ^(.*)$ https://www.sitename.com/$1 [L,R=301]

[Plantje]

I think I need to look into this a little bit more as both scripts do not work for me.

If I use the one from you, a10, and go to "vliegvisserscom" I do see it get redirected to "https://vliegvissers.com" Whereas without the redirection it went for "http://www.vliegvissers.com/SMForum"

I need to look at this when I have some more time, I think

[Plantje]

Couldn't hold back...

Turns out in my index.php a redirect was already in place:

Koodi [Valitse] Laajenna

<?php
$host=getenv("HTTP_HOST");
if($host == "www.vliegvissers.com") { $url = "http://www.vliegvissers.com/SMForum/"; }
elseif($host == "vliegvissers.com") { $url = "http://www.vliegvissers.com/SMForum/"; }


else { $url = "https://www.vliegvissers.com/SMForum/" ; }
Header("Location: $url");
?>
Turns out I just needed to change that to https.

Koodi [Valitse] Laajenna


<?php
$host=getenv("HTTP_HOST");
if($host == "www.vliegvissers.com") { $url = "https://www.vliegvissers.com/SMForum/"; }
elseif($host == "vliegvissers.com") { $url = "https://www.vliegvissers.com/SMForum/"; }


else { $url = "https://www.vliegvissers.com/SMForum/" ; }
Header("Location: $url");
?>


However, website do still complain parts of the site are not secure

[Shambles]

Click the padlock and expand on the media that's insecure.

There are quite a few URLs in your setup that need amending...

[Plantje]

Is that a Firefox specific thing? Where can I find it on Edge, IE or Chrome?

[Mick.]

Make sure to change the url to https in admin, database and paths?

[Mick.]

Also hosted images from your server wont change to https from past posts or logos, banners etc. You would need to edit their URLs accordingly. There after you should be good

[Plantje]

Make sure to change the url to https in admin, database and paths?

The "Forum URL" is set to https. Should be good there...

Also hosted images from your server wont change to https from past posts or logos, banners etc. You would need to edit their URLs accordingly. There after you should be good

I was looking how to change that. And upon checking on my host's portal in the file manager, every file and folder from the root and down states "http" rather than "https". For example:
SMForum
Full path: http://vliegvissers.com/SMForum/
02/12/2018 | 487 items

That still doesn't seem right to me.