We Keep Coding

Mixed content error on my website after redirecting to HTTPS

Recently I have included an SSL certificate for HTTPS redirection for my lightweight e-commerce site. The site is built with an OSCommerce platform and what I need help with is fixing these kinds of errors (on console) appearing throughout the pages: Mixed Content: The page at 'https://voberhaat.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://voberhaat.com/oc-content/themes/bender/js/jquery-ui/jquery-ui-1.10.2.custom.min.css'. This request has been blocked; the content must be served over HTTPS.
The layout and design of the site are broken after the HTTPS redirection and I am trying to find the files where I can rewrite the HTTPS for the relevant contents it is asking for. In my server if I navigate to the corresponding paths and files, I can't figure out the URL, they don't simply exist there.
Someone could help me out regarding this?

Have you tried forcing https for your entire site via an .htaccess file?
Try creating an .htaccess file in your main directory and add this code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

First: edit your includes/configure.php
set
define('HTTP_SERVER', 'https://<yoursite>');
define('HTTPS_SERVER', 'https://<yoursite>');
define('ENABLE_SSL', true);
Second:
Check header.php, footer.php, breadcrumbs.php for "http:" links

How to correctly setup Apache redirects for images

I've set up a reverse proxy from my Windows server to a blog hosted elsewhere. All is fine except for the sitemaps.
The blog is on a subdomain: http://blog.example.com
The proxied domain is https://example.com/blog
As I'm using Wordpress, I've opted for Yoast SEO, but despite ARR doing the rerouting Google tools still complains about images it cannot access - on the origin domain. This is correct in one sense because I've added a second robots.txt on the subdomain, to stop duplicate content, but it doesn't make sense, in the sense that Application Request Routing should be hiding the subdomain. However, we all know that Google does what it wants to do.
I've found some code which I've added to my htaccess file:
# WordPress SEO - XML Sitemap Rewrite Fix - for reverse proxy
RewriteEngine On
RewriteBase /
RewriteRule ^sitemap_index.xml$ https://example.com/blog/index.php?sitemap=1 [L]
RewriteRule ^([^/]+?)-sitemap([0-9]+)?.xml$ https://example.com/blog/index.php?sitemap=$1&sitemap_n=$2 [L]
# END WordPress SEO - XML Sitemap Rewrite Fix
I'm not sure whether it's doing anything at the moment because the image issue still exists, so my next step would be to try and redirect images to the new domain structure... and herein lies the problem - I know absolutely nothing about Apache stuff and definitely not apache rewriting.
What I need to do is redirect anything in the uploads folder, to a new absolute path
From, /wp-content/uploads/myimage.jpg to https://example.com/wp-content/uploads/myimage.jpg
Can anyone help with this final piece of the jigsaw?
Thanks in advance.

You can probably use something like the following in your .htaccess:
RewriteCond %{REQUEST_URI} ^/wp-content/uploads/
RewriteRule ^(.*)\.(jpe?g|gif|png|bmp)$ https://example.com/wp-content/uploads/$1\.$2 [NC,L,R=302]

Prohibit direct access to images URL

I have a blog with images. I do not want that the images are directly accessible through the URL (and also not for Googlebot and other bots)... for example... mysite.com/assets/images/img1... etc. So I thought to password protect the images directory with .htaccess. That worked, only front-end all my images became links, and I had to provide my credentials to make them show. How can I make my images show yet NOT make them directly accessible when typing the corresponding URL and the images URLs (or better yet the images directory) NOT accesible for bots to crawl/index?

Don't go with password protection. The right way to do it would be to filter the requests based on the referer URL. If the request originates from your own site then it's ok. Otherwise the request is trying to get an image directly.
I've found this site with detailed instructions on how to do that: http://altlab.com/htaccess_tutorial.html
Taken from the mentioned site:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://url_to_default_image.gif [L]
Note that you would have to enable mod_rewrite in your Apache server.
Btw, just asking. Why don't just let people get the image directly if they want to?

Restrict domain to Chrome visitors? Possible?

Is it possible to restrict a domain to only allow visitors using a specific browser?
I'm building an app and it's only been tested in Chrome so far so I only want to allow Chrome users during Beta testing. Basically, I want to white-list browsers as I go through testing. Any suggestions on the approach I should would be greatly appreciated.

Yes you can.
The browser that is accessing the page is in the _SERVER array.
If you find that the accessing browser is not Chrome, then just send a 404 header.

You can block all other useragents with a relevant error message using .htaccess
Put this in .htaccess in root of your site:
ErrorDocument 503 "Your must use Chrome to access this site"
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^(Mozilla.*|Safari.*|Other.*)$ [NC]
RewriteRule .* - [R=503,L]

.HTACCESS - redirect www.example.com/side.php?id=* to www.example.com

I have recently assisted in moving a website from a pure development domain to a live site where there used to be a site handled by another CMS system than what we are currently using. Current system is Joomla, but I don't think it matters much for my question.
So with the current site the URLs are rewritten from the standard Joomla format to be stripped of index.php and .html suffix is added in the address, meaning that URLs look like this:
http://example.com/folder/page.html
In the old site handled by another CMS systems the URLs had the following structure:
http://example.com/side.php?id=1
We are a social organisation with many sites linking to us - also quite a few that we are not even aware of - so the problem I need to handle is this: I need to redirect all these dead links on other sites so that they simply get pointed to the root of our site.
Can anyone please explain to me how to make .htaccess redirect as follows:
/side.php?id=* to root of example.com
In this case I mean the * to mean any number as there are naturally alot of pages with different IDs.
It is not of any significance to me if they point at a www. prefix or not.
Thanks in advance for your help, I hope I have not asked a question that's been answered before but my experience with .htaccess is very limited and having searched and tried different solutions didn't do it for me.

In .htaccess in the root folder, add the following:
RewriteEngine on
RewriteCond %{QUERY_STRING} id=\d+
RewriteRule ^side\.php$ http://%{SERVER_NAME}/ [R=301,L,QSD] #Remove the ",QSD" for Apache <2.4.0, or to keep the query string.
The R=301 will tell browsers/search engines that the page has permanently been moved.

A rule like this should work:
RewriteCond %{HTTP_HOST} .*
RewriteCond %{QUERY_STRING} id=\d+
RewriteRule ^side.php http://example.com [L,R=301]
This will redirect externally, with a HTTP 301 response (Moved Permanently)

What you need here is some 301 Moved Permanently responses to let browsers and search engines know that you're moving pages to a new location. Instead of using a mod_rewrite to redirect all requests to this side.php page, I would analyze each page of your old website and determine where all the content has been moved. Armed with this, use the htaccess Rewrite directive to inform browsers of individual pages being moved
Redirect 301 /side.php?id=123 /about_us.html
Redirect 301 /side.php?id=456 /contact_us.html
I recommend this method because it redirects those who navigate to the outdated page to the new page that has similar content to the old one they were requesting instead of just redirecting them all to your home page.