I have purchase and installed an SSL certificate on my server and everything seems to be working correctly.
I selected in Joomla Global Configuration -> Server -> Force HTTPS -> Entire Site. Now the site all works with SSL as expected.
But, I have 2 pages that needs to be in http because the remote call does not support https :(
I have been fiddling with joomla native .htaccess but I either get redirection loops or errors.
Could someone please help with the correct .htaccess code for force http in 2 pages?
There is a component that can be used to enable https on specific pages of website only. Check this https://extensions.joomla.org/extensions/extension/site-management/url-redirection/yireo-ssl-redirection/.
This will make your work easy no htaccess required.
Related
I moved wordpress website with https address to a localhost on LAMP server using All-in-one migrate plugin. Everything moved well except paths to media files (pictures).
Links to pictures in upload folder are broken. And nothing wrong with them except that they have https instead of http.
Console errors pic
I tried find/replace in wp_posts table, but it doesnt find anything. Tried to use plugin, that seems to do the same - doesnt help.
My .htaccess file is the default one from WP codex.
Weird, that I've done same process of migrating from https to localhost with another wordpress website and everything was fine.
The only difference between them, is that website with problem is using woocommerce plugin. And images are actualy products images. Maybe this will help.
UPDATE: Looks like problem is with all uploaded media files. I just've uploaded new file, and it's not showing neither. Some problems with apache configuration?
UPDATE2: Found out that this is 301 redirect problem. But where does it comes from? What to do to cancel those redirects? Do I need to edit .htaccess?
Screenshot of network tab for correspong images. Gray ones are http versions and red ones - are redirected to https
There are a few things, that I would recommend you to check.
Check your settings in the database _options table in the fields siteurl and home. You should have there http://domain-name
Also you need to check your wp-config.php. There might be rules added regarding siteurl and home using incorrect protocol.
There might be some plugins installed, which can trigger this https redirect, such as Really Simple SSL, or cache plugins, which also have settings regarding https.
And finally, check your theme code, if it is a custom theme, it also can be configured to use https in some cases.
I have purchased SSL certs and done all the necessary work to get the cert files onto my server and into my apache config files for my virtualhost.
In WP in the backend I have made sure my urls all use https: in them and forced the wp backend to always use https. This all works fine but issues start happening on some pages where it says that it cannot be found giving a 404 error and specifically on the woocommerce /cart and /checkout pages which is really bizarre.
I have even stripped out the settings to force https in site urls and gone straight into .htaccess and forced https throughout the whole site and even still I get errors on /cart and /checkout.
I have permalinks in WP set to custom and custom base url of /shop in woocommerce.
Has anyone else had this issue with woocommerce?
Thanks
i have a really weird problem on a typo3 site.
The site currently runs on Typo3 4.6.6 (yeah i know we are in the process of upgrading it to 6.2 LTS)
In the backend we have 3 separate pages. The webspace where this site runs was currently upgraded to PHP 5.5. Nothing else has changed (as far as we know)
The problem is that on certain pages we get redirected to a https version of the same page, although the link is a http link.
See for instance here: http://www.phd-cell-signaling.at/home.html
If you open this it loads fine. But as soon as you click on a (http) link on the site, you get redirected to an https version hence the browser doesn't load all the stuff included via http (stylesheets for instance). But when you then delete the "s" from the address bar and hit enter you don't get redirected. And this is something i don't really understand.
And if that'd be a general issue shouldn't the other pages in the same typo3 environment also be affected? Or am i missing something here.
Since I'm not that familiar with typo3 it would be greatly appreciated if somebody could link me in the right direction where the problem could be.
We use realURL for example. But I checked the configuration i found and it doesn't appear to do anything that causes the redirect.
I also checked the typoscript configuration of all the pages in the backend with no success.
Are there any other plugins that might cause something like this?
Any help greatly appreciated.
When you follow a link on the page you posted, then the webserver returns the statuscode 301 (moved permanently) with the new location for that page (which is the requested page with the HTTPS scheme).
When TYPO3 is properly configured for SSL usage for single pages (so a backend user can use "Choose protocol" selectbox in the backend), then it already renders affected links with the proper scheme.
Your problem described can have multiple reasons. Please check the following:
Inspect the .htaccess file in the root directory of the TYPO3 website for any scheme redirects
Check if the webserver itself has configured scheme redirects for that virtual host
Goto the TYPO3 extension manager and search for local installed HTTPS or SSL redirection extensions
I have a site running WordPress on Apache server and I am attempting to provide both HTTP and HTTPS connections via the same site. I want to allow connections over HTTP without forcing a redirect to HTTPS, unless the client is connecting initially via HTTPS then I want all subsequent HTTP requests to be forwarded to HTTPS to avoid issues with CORS and unsecured content warnings.
I am having some trouble turning up results on how to effectively do this with mod_rewrite alone. Most solutions I find try to force the connections to redirect to HTTPS regardless and will not allow an HTTP connection or vice versa. I have tried a few mod rewrite conditions including making use of the referer string but none seem to work thus far. I must be missing something because I feel that this is indeed possible but I and my search engines alone are stumped.
Maybe I'm just doing something wrong or is this kind of functionality beyond Mod_Rewrite?
I was thinking to use a PHP script but was worried it wouldn't work for some static files since WordPress doesn't handle those requests.
Update:
I have made a php script to detect the version. It sets a cookie which expires in 20 seconds from being set, this is read by Mod_Rewrite and if set it redirects the URLs to HTTPS. This works for most of the subsequent requests of an initial HTTPS request. A few URLs seem to be unaffected by it, not sure exactly why as the cookie hasn't expired by the time of these file requests and the particular rules are before the static file bypass rules in the htaccess file. At any rate that was easy enough to fix by setting the file urls to protocol-less versions.
Some third party sites need domains rewritten though, as they serve https from other domains. On that note I don't think this is actually possible without buffering the whole page and actually re-writing the URLs.
It is possible to detect the initial connection but this must be done using Server Side code, like a PHP script. Then using the detection can be done at Mod_Rewrite level.
Add in the WordPress constraint and things get complicated.
WordPress isn't built to facilitate one install with both protocols allowing access to content. So to accomplish this would require a custom plugin using the detection mentioned earlier, and instead of using Mod_Rewrite to direct requests on the server, we have to buffer WordPress output and logically replace/rewrite URLs in the page before they go to the user if and only if the initial connection for the page is in SSL.
There is only one plugin I have found which does something similar to this, however it doesn't do dynamic detection only gives admin/editors a checkbox option to make a page SSL secured. The plugin is called WordPress HTTPS
Dynamic detection and redirection isn't something SSL was meant for anyways, it's either on or off, and most pages need it that way.
I was originally trying to provide both so I could use a self-signed certificate without worrying that users would get the "warning unsecured connection" messages from their browsers by forcing them to use only SSL connections.
So I'll be purchasing a cert or making a custom plugin.
tkausl is right, you don't really need to do mod_rewrite. You should be able to format links without the protocol and it will automagically select for you.
You can see that google does this with their hosted libraries:
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
*Note the lack of http: or https: this will follow the protocol requested by the user.
I'm trying to set up a Wordpress Multisite network on Google App Engine. I have the install up and running, and am mapping custom domains for each site with the help of this plugin. I'm using Wordpress 4.0.
The domain mapping works, in that when I navigate to the custom domain it pulls up the corresponding site, but when I try to access any admin pages from the custom domain, I get an SSL error. I gather that this is due to Google's not allowing custom domains to access GAE apps via SSL, and so I've been trying to fix this by redirecting all requests of the form mycustomdomain.com/wp-admin/(.+) to myapp.appspot.com/wp-admin/\1.
My rationale for trying this is that myapp.appspot.com/subsite/wp-admin/ works just fine, but mycustomdomain/wp-admin does not, despite the two pointing to the same location.
Unfortunately, I haven't been able to figure out how to do this redirection properly. I've tried adding redirect rules to the .htaccess file with no success. I've also tried messing with app.yaml handlers, but this, too, yielded no results.
Also worth noting is that I attempted to force all requests to go through http (as a hackish, temporary workaround) via this plugin to no avail.
I'm new to working with servers, and any help would be much appreciated. I'm not even sure that redirection is the right solution, so I welcome any other suggestions. I can supply pertinent code if needed. Thanks.
EDIT: I could go through Google's custom domain registration process via Google Apps and get an SSL certificate that way, but my app will eventually be used by a large number of independent sites that I don't control, so that solution won't work.
I have been trying to achieve something similar on a regular server and not on GAE, so I'm not sure this will apply to you...
Isn't the 4th option of the Domain Mapping what you're looking for? In the WP network administration, go to Settings > Domain Mapping, then you can tick/untick the 4th option :
4. Redirect administration pages to site's original domain (remote login disabled if this redirect is disabled)
This will allow you to use a custom domain to access a site and its wp-admin interface, allowing SSL certificates to validate since the domain stays the same.