Anyone making the jump? Google chrome is starting to become an issue for sites not using an ssl as is Apple. I found out a couple days ago my IOS app will not be working as of January 1 unless I use https..

Does anyone have any strategy or plans for switching?

I have been using SSL now for a little over two years. I remember during the transition that the site's traffic plummeted. http and https are not looked at as the same url and link juice was deluded even with a 301 redirect. All those back links to my site lost a lot of weight. They were pointing to http and not https, and when I redirected the http to https through htaccess the site lost ranking. Lastly, it took some time for Google to reindex the site and update the site's urls.

Just a heads up, be patient because it will get worse before it gets better. If you're working on SEO, save your money until after you make the transition, because building up the http address is a waste in the long run.

One of the sites I help admin is beginning to talk about it. :)

I've been using it for a long time now with thanks to https://letsencrypt.org/ for free SSL certificates.

I have been using SSL now for a little over two years. I remember during the transition that the site's traffic plummeted. http and https are not looked at as the same url and link juice was deluded even with a 301 redirect. All those back links to my site lost a lot of weight. They were pointing to http and not https, and when I redirected the http to https through htaccess the site lost ranking. Lastly, it took some time for Google to reindex the site and update the site's urls.

Just a heads up, be patient because it will get worse before it gets better. If you're working on SEO, save your money until after you make the transition, because building up the http address is a waste in the long run.
Yeah, that is what I am afraid of and why I have put this off for a long time.

--------------- Added 29 Nov 2016 at 19:37 ---------------

I've been using it for a long time now with thanks to https://letsencrypt.org/ for free SSL certificates.

Thanks for that link!

I think mine cost me about $15 a year or something. I do have an ssl set up. I just do not have it for the entire domain.

Yeah, that is what I am afraid of and why I have put this off for a long time.

--------------- Added 29 Nov 2016 at 19:37 ---------------



Thanks for that link!

I think mine cost me about $15 a year or something. I do have an ssl set up. I just do not have it for the entire domain.

Best thing is, you can setup automated cronjobs that renews the LetsEncrypt SSL certificate so you never have to worry about renewing them manually.

Apache: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04
nginx: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04#step-6-set-up-auto-renewal
IIS: https://github.com/ebekker/ACMESharp

Or use https://certbot.eff.org/

I've been using it for a long time now with thanks to https://letsencrypt.org/ for free SSL certificates.

I use Lets Encrypt also, on a VB friendly host, GlowHost. I started my site from scratch with SSL, so i managed to avoid the worry of lost back links etc...

Best way to go using SSL in my opinion. People just do not trust unsecured sites like they used to.

I added https capability to my forum for anyone who wanted to use it, but its not the default.

The same applies to vb.org, it will work here if you want, but its not the default.

We actually switched vb.com to use it as the default yesterday, since its needed for the IOS mobile app (mandatory soon).

I used https://www.sslforfree.com/ which uses https://letsencrypt.org/ for generating the certificates. It's easy to use. I just have no time to install the certificate on the server yet and the cron jobs to auto-renew.

I added https capability to my forum for anyone who wanted to use it, but its not the default.

The same applies to vb.org, it will work here if you want, but its not the default.

We actually switched vb.com to use it as the default yesterday, since its needed for the IOS mobile app (mandatory soon).Yep, that is exactly why I have to switch as well..

It would be interesting to see how switching impacts seo and traffic to Vbulletin.com.

--------------- Added 1480626162 at 1480626162 ---------------

I have been working on this and it turned out to be more complicated than I expected. Certain things are not functioning in the admincp I suppose from being blocked by browsers due to not being secure..

First though I have these 3 items I have not been able to find or I found and changed and they may be cached.
https://www.whynopadlock.com/check.php

Insecure URL: http://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yuiloader-dom-event/yuiloader-dom-event.js
Found in: https://REMOVED/

Insecure URL: http://REMOVED/images/styles/scarydark/style/icon-youtube.png
Found in: https://REMOVED/

Insecure URL: http://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/animation/animation-min.js?v=423
Found in: https://REMOVED/


I also am trying to get my htaccess to redirect both non www and www to https://


Options +FollowSymLinks
RewriteEngine on
RewriteBase /

RewriteCond %{HTTP_HOST} ^www.musclemecca\.com$ [NC]
RewriteRule ^(.*)$ http://REMOVED/$1 [L,R=301]


#RedirectMatch 301 ^/content/(.*)$ http://REMOVED/content/$1

RewriteRule ^reviews/([^/]*)/ ./reviews.php?do=main&catid=$1 [L,NC]
RewriteRule ^review/([^/]*)/ ./reviews.php?do=viewreview&reviewid=$1 [L,NC]
RewriteRule ^reviewer/([^/]*)/ ./reviews.php?do=reviewer&reviewerid=$1 [L,NC]

## SITE REFERRER BANNING

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>

<IfModule mod_headers.c>
<FilesMatch "\.(bmp|css|flv|gif|ico|jpg|jpeg|js|pdf|png|svg|swf |tif|tiff)$">
Header set Last-Modified "Mon, 15 Feb 2013 00:00:00 GMT"
</FilesMatch>
</IfModule>

# BEGIN W3TC Browser Cache
<IfModule mod_mime.c>
AddType text/css .css
AddType application/javascript .js
AddType application/x-javascript .js
AddType text/html .html .htm
AddType text/richtext .rtf .rtx
AddType image/svg+xml .svg .svgz
AddType text/plain .txt
AddType text/xsd .xsd
AddType text/xsl .xsl
AddType text/xml .xml
AddType video/asf .asf .asx .wax .wmv .wmx
AddType video/avi .avi
AddType image/bmp .bmp
AddType application/java .class
AddType video/divx .divx
AddType application/msword .doc .docx
AddType application/x-msdownload .exe
AddType image/gif .gif
AddType application/x-gzip .gz .gzip
AddType image/x-icon .ico
AddType image/jpeg .jpg .jpeg .jpe
AddType application/vnd.ms-access .mdb
AddType audio/midi .mid .midi
AddType video/quicktime .mov .qt
AddType audio/mpeg .mp3 .m4a
AddType video/mp4 .mp4 .m4v
AddType video/mpeg .mpeg .mpg .mpe
AddType application/vnd.ms-project .mpp
AddType application/vnd.oasis.opendocument.database .odb
AddType application/vnd.oasis.opendocument.chart .odc
AddType application/vnd.oasis.opendocument.formula .odf
AddType application/vnd.oasis.opendocument.graphics .odg
AddType application/vnd.oasis.opendocument.presentation .odp
AddType application/vnd.oasis.opendocument.spreadsheet .ods
AddType application/vnd.oasis.opendocument.text .odt
AddType audio/ogg .ogg
AddType application/pdf .pdf
AddType image/png .png
AddType application/vnd.ms-powerpoint .pot .pps .ppt .pptx
AddType audio/x-realaudio .ra .ram
AddType application/x-shockwave-flash .swf
AddType application/x-tar .tar
AddType image/tiff .tif .tiff
AddType audio/wav .wav
AddType audio/wma .wma
AddType application/vnd.ms-write .wri
AddType application/vnd.ms-excel .xla .xls .xlsx .xlt .xlw
AddType application/zip .zip
</IfModule>
# END W3TC Browser Cache

# START E-Tag
<ifModule mod_headers.c>
Header unset ETag
</ifModule>
FileETag None
# END E-Tag

# START Deny attempts to view the Htaccess file.
<Files .htaccess>
Order allow,deny
Deny from all
</Files>
# END Deny attempts to view the Htaccess file.

# Start Deny attempts to view the config file.
<Files includes/config.php>
Order allow,deny
Deny from all
</Files>
# End Deny attempts to view the config file.

# Block User-agent Libwww-perl
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
RewriteRule .* ? [F,L]

# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})

# Measures to block out SQL injection attacks
RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|updat e|md5|benchmark).* [NC,OR]

RewriteEngine On

# new static rulers
Redirect 301 /270/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /271/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /277/ http://REMOVED/forumdisplay.php/277-Legendary-Threads

Redirect 301 /f226/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f226/2012-amateur-olympia-guaratees-spot-2013-mr-o-220736/ http://REMOVED/showthread.php/220736-2012-Amateur-Olympia!-Guaratees-spot-at-the-2013-Mr-O-!!!!
Redirect 301 /f226/antoine-vaillant-updates-official-thread-219458/index11.html http://REMOVED/showthread.php/219458-Antoine-Vaillant-%28Updates%29-Official-Thread/page11
Redirect 301 /f226/antoine-vaillant-updates-official-thread-219458/index2.html http://REMOVED/showthread.php/219458-Antoine-Vaillant-(Updates)-Official-Thread
Redirect 301 /f226/arnold-schwarzenegger-training-recently-219595/ http://REMOVED/showthread.php/219595-Arnold-Schwarzenegger-Training-Recently!?highlight=arnold-schwarzenegger-training
Redirect 301 /f226/article-re-ronnie-coleman-updates-official-thread-220863/ http://REMOVED/content.php?r=186-Re-Ronnie-Coleman-(Updates)-Official-Thread
Redirect 301 /f226/article-re-ronnie-coleman-updates-official-thread-220863/ http://REMOVED/showthread.php/221015-Ronnie-Coleman-(Updates)-Official-Thread
Redirect 301 /f226/kai-greene-arnold-preview-184695/ http://REMOVED/showthread.php/184695-Kai-Greene-%28Arnold-Preview%29?highlight=kai-greene-arnold-preview
Redirect 301 /f226/mark-alvisi-dragon-training-series-episode-4-arms-workout-213074/ http://REMOVED/showthread.php/213074-Mark-Alvisi-Dragon-Training-Series-Episode-4-(Arms-Workout)
Redirect 301 /f226/new-md-october-2008-a-197679/ http://REMOVED/showthread.php/197679-NEW-MD-OCTOBER-2008
Redirect 301 /f226/ronnie-coleman-207389/ http://REMOVED/forumdisplay.php/307-Ronnie-Coleman
Redirect 301 /f265/ http://REMOVED/forumdisplay.php/265-Movies-Games-TV-and-Music
Redirect 301 /f265/toy-story-3-movie-trailer-213280/ http://REMOVED/showthread.php/213280-Toy-Story-3-movie-trailer
Redirect 301 /f267/ http://REMOVED/forumdisplay.php/267-The-2008-MEMBER-OF-THE-YEAR
Redirect 301 /f270/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f271/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f277/ http://REMOVED/forumdisplay.php/277-Legendary-Threads
Redirect 301 /f286/ http://REMOVED/forumdisplay.php/286-Androgenetx-com
Redirect 301 /f289/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f290/ http://REMOVED/forumdisplay.php/290-CEMproducts-com
Redirect 301 /f293/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f298/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f299/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f300/ http://REMOVED/forumdisplay.php/229-MuscleMecca-Feedback
Redirect 301 /f301/ http://REMOVED/forumdisplay.php/301-Diet-Nutrition-and-Enhancement-Forum
Redirect 301 /f302/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /f305/ http://REMOVED/forumdisplay.php/305-Bodybuilder-Pro-List
Redirect 301 /f306/ http://REMOVED/forumdisplay.php/306-Arnold-Schwarzenegger
Redirect 301 /f307/ http://REMOVED/forumdisplay.php/307-Ronnie-Coleman
Redirect 301 /f308/ http://REMOVED/forumdisplay.php/308-Phil-Heath
Redirect 301 /f321/ http://REMOVED/forumdisplay.php/321-John-Grimek
Redirect 301 /f322/ http://REMOVED/forumdisplay.php/322-Sergio-Oliva
Redirect 301 /f328/ http://REMOVED/forumdisplay.php/328-Shawn-Roden
Redirect 301 /f329/ http://REMOVED/forumdisplay.php/329-Lionel-Beyeke
Redirect 301 /f352/ http://REMOVED/forumdisplay.php/325-Bob-Paris

Redirect 301 /showthread.php/235881-San-Marino-Classic-2015-play-by-play-by-UnderBody http://REMOVED/showthread.php/235413-2015-IFBB-San-Marino-Pro
Redirect 301 /showthread.php/235881-San-Marino-Classic-2015-play-by-play-by-UnderBody/page1 http://REMOVED/showthread.php/235413-2015-IFBB-San-Marino-Pro
Redirect 301 /showthread.php/235881-San-Marino-Classic-2015-play-by-play-by-UnderBody/page2 http://REMOVED/showthread.php/235413-2015-IFBB-San-Marino-Pro
Redirect 301 /showthread.php/235881-San-Marino-Classic-2015-play-by-play-by-UnderBody/page3 http://REMOVED/showthread.php/235413-2015-IFBB-San-Marino-Pro
Redirect 301 /showthread.php/235881-San-Marino-Classic-2015-play-by-play-by-UnderBody/page4 http://REMOVED/showthread.php/235413-2015-IFBB-San-Marino-Pro
Redirect 301 /showthread.php?t=235881 http://REMOVED/showthread.php/235413-2015-IFBB-San-Marino-Pro


Redirect 301 /showthread.php/lee-priest-cradle-top-36785.html http://REMOVED/showthread.php/206007-LEE-PRIEST-FROM-THE-CRADLE-TO-THE-TOP

Redirect 301 /arnold-classic-298/ http://REMOVED/forumdisplay.php/226-MuscleMecca-HeadQuarters
Redirect 301 /arnold-classic-298/ http://REMOVED/forumdisplay.php/306-Arnold-Schwarzenegger
Redirect 301 /bodybuilding-pictures-270/ http://REMOVED/albumall.php
Redirect 301 /bodybuilding-videos-231/ http://REMOVED/forumdisplay.php/340-Muscle-Video
Redirect 301 /forum/ http://REMOVED/forum.php
Redirect 301 /forum/index.php http://REMOVED/forum.php

Redirect 301 /showthread.php/234271-2014-Arnold-Classic-BRAZIL! http://REMOVED/showthread.php/234271-2014-Arnold-Classic-BRAZIL-Steve-Kuclo-wins!!!
Redirect 301 /showthread.php/234271-2014-Arnold-Classic-BRAZIL!/page2 http://REMOVED/showthread.php/234271-2014-Arnold-Classic-BRAZIL-Steve-Kuclo-wins!!!/page2
Redirect 301 /showthread.php/234271-2014-Arnold-Classic-BRAZIL!/page3 http://REMOVED/showthread.php/234271-2014-Arnold-Classic-BRAZIL-Steve-Kuclo-wins!!!/page3
Redirect 301 /showthread.php/234271-2014-Arnold-Classic-BRAZIL!/page4 http://REMOVED/showthread.php/234271-2014-Arnold-Classic-BRAZIL-Steve-Kuclo-wins!!!/page4
Redirect 301 /showthread.php/234271-2014-Arnold-Classic-BRAZIL!/page5 http://REMOVED/showthread.php/234271-2014-Arnold-Classic-BRAZIL-Steve-Kuclo-wins!!!/page5
Redirect 301 /showthread.php/234271-2014-Arnold-Classic-BRAZIL!/page6 http://REMOVED/showthread.php/234271-2014-Arnold-Classic-BRAZIL-Steve-Kuclo-wins!!!/page6

Redirect 301 /showthread.php/old-scans-nasser-el-sonbaty-jean-pierre-fux-photoshoot-40694.html http://REMOVED/showthread.php/209746-OLD-SCANS-NASSER-EL-SONBATY-amp-JEAN-PIERRE-FUX-PHOTOSHOOT
Redirect 301 /showthread.php/jean-pierre-fux-squat-accident-3436.html http://REMOVED/showthread.php/194677-No-No-No-Squatting

Redirect 301 /content.php/326-content.php/326-2014-Arnold-Classic-BRAZIL! http://REMOVED/content.php/326-2014-Arnold-Classic-BRAZIL!
Redirect 301 /content.php/287-content.php/287-This-Week-We-Feature-Lionel-Beyeke http://REMOVED/content.php/287-This-Week-We-Feature-Lionel-Beyeke
Redirect 301 /content.php/298-content.php/298-Mr-Olympia-Caption-this-funny-pics http://REMOVED/content.php/298-Mr-Olympia-Caption-this-funny-pics
Redirect 301 /content.php/281-content.php/281-Max-Charles-Overall-winner-at-the-2013-USA-s! http://REMOVED/content.php/281-Max-Charles-Overall-winner-at-the-2013-USA-s!
Redirect 301 /content.php/288-content.php/288-Big-Ramy-The-2013-Bodybuilding-year-and-what-lies-ahead http://REMOVED/content.php/288-Big-Ramy-The-2013-Bodybuilding-year-and-what-lies-ahead
Redirect 301 /content.php/276-content.php/276-Video-Q-amp-A-with-Ronnie-Coleman http://REMOVED/content.php/276-Video-Q-amp-A-with-Ronnie-Coleman
Redirect 301 /content.php/301-content.php/301-Phil-Heath-Wins-the-2013-Mr-Olympia-FULL-Results! http://REMOVED/content.php/301-Phil-Heath-Wins-the-2013-Mr-Olympia-FULL-Results!
Redirect 301 /content.php/331-content.php/331-2014-New-York-Pro-updates! http://REMOVED/content.php/331-2014-New-York-Pro-updates!
Redirect 301 /content.php/180-content.php/180-What-you-need-to-know-about-Powerlifting http://REMOVED/content.php/180-What-you-need-to-know-about-Powerlifting
Redirect 301 /content.php/255-content.php/255-Arnold-Schwarzenegger-RARE-pics! http://REMOVED/content.php/255-Arnold-Schwarzenegger-RARE-pics!
Redirect 301 /content.php/243-content.php/243-Dorian-Yates-BFTO-1996 http://REMOVED/content.php/243-Dorian-Yates-BFTO-1996
Redirect 301 /content.php/263-content.php/263-Stage-6-***Top-6-GUESS***-2013-New-York-Pro!!! http://REMOVED/content.php/263-Stage-6-***Top-6-GUESS***-2013-New-York-Pro!!!
Redirect 301 /content.php/325-content.php/325-2014-Arnold-Classic-RESULTS-SCORECARDS! http://REMOVED/content.php/325-2014-Arnold-Classic-RESULTS-SCORECARDS!
Redirect 301 /content.php/264-content.php/264-John-Carrol-Grimek-is-the-Monarch-of-Muscledom http://REMOVED/content.php/264-John-Carrol-Grimek-is-the-Monarch-of-Muscledom
Redirect 301 /content.php/289-content.php/289-Dexter-Jackson-The-Big-Bad-Blade-Blazing-as-Always http://REMOVED/content.php/289-Dexter-Jackson-The-Big-Bad-Blade-Blazing-as-Always
Redirect 301 /content.php/247-content.php/247-2013-Arnold-Classic-LIVE-WEBCAST! http://REMOVED/content.php/247-2013-Arnold-Classic-LIVE-WEBCAST!
Redirect 301 /content.php/317-content.php/317-Lee-Priest-%E2%80%93-Professional-Bodybuilder-Race-Car-Driver-and-Movie-Actor http://REMOVED/content.php/317-Lee-Priest-%E2%80%93-Professional-Bodybuilder-Race-Car-Driver-and-Movie-Actor
Redirect 301 /content.php/327-content.php/327-2014-Europa-Orlando-Pro-photos-RESULTS! http://REMOVED/content.php/327-2014-Europa-Orlando-Pro-photos-RESULTS!
Redirect 301 /content.php/237-content.php/237-Dorian-Yates-Into-The-Shadow-%28London-Real%29 http://REMOVED/content.php/237-Dorian-Yates-Into-The-Shadow-%28London-Real%29
Redirect 301 /content.php/278-Re-Jay-Cutler-(Updates)-Official-Thread http://REMOVED/showthread.php/219271-Jay-Cutler-(Updates)-Official-Thread

Redirect 301 /forums/223-Off-Topic-Discussion http://REMOVED/forumdisplay.php/223-Off-Topic-Discussion
Redirect 301 /forums/281-MuscleMecca-Supporters http://REMOVED/forumdisplay.php/281-MuscleMecca-Supporters
Redirect 301 /forums/237-Advanced-Chemicals http://REMOVED/forumdisplay.php/237-Advanced-Chemicals
Redirect 301 /forumdisplay.php/226-MuscleMecca-HeadQuartersflex-magazine-cover-march-09-a-210952/ http://REMOVED/showthread.php/210952-Flex-magazine-cover-for-march-09

Redirect 301 /entry.php/40-Lou-Ferrigno-Another-Italian-Kid-From-Brooklyn http://REMOVED/entry.php/39-Lou-Ferrigno-Another-Italian-Kid-From-Brooklyn

Redirect 301 /showthread.php?216191-Cedric%20McMillan%20=%20Next%20Coleman http://REMOVED/showthread.php/216191-Cedric-McMillan-Next-Coleman?highlight=Cedric+McMillan+Coleman
Redirect 301 /showthread.php/216191-Cedric-McMillan-Next-Coleman http://REMOVED/showthread.php/216191-Cedric-McMillan-Next-Coleman?highlight=Cedric+McMillan+Coleman

Redirect 301 /showthread.php/235479-2015-Mr-Olympia http://REMOVED/showthread.php/235481-The-2015-Mr-Olympia
## Tags
RedirectMatch 301 ^/tags/([A-Za-z0-9-]+)/$ http://REMOVED/tags.php?tag=$1

## Members
RedirectMatch 301 ^/members/(.*)$ http://REMOVED/member.php/$1

##Treads
RedirectMatch 301 ^/f([0-9]+)/([A-Za-z0-9-]+)-([0-9-]+)/index([0-9-]+)\.html$ http://REMOVED/showthread.php/$3-$2/page$4
RedirectMatch 301 ^/f([0-9]+)/([A-Za-z0-9-]+)-([0-9-]+)/$ http://REMOVED/showthread.php/$3-$2

RedirectMatch 301 ^/([0-9-]+)-post([0-9-]+)\.html$ http://REMOVED/showthread.php?p=$1
RedirectMatch 301 ^/threads/(.*)$ http://REMOVED/showthread.php/$1

##SiteMap
RedirectMatch 301 ^/sitemap/f-([a-z0-9-]+)\.html$ http://REMOVED/archive/index.php/f-$1.html

RedirectMatch 301 ^/([A-Za-z0-9-]+)-([0-9-]+)/([A-Za-z0-9-_]+)-([0-9-]+)/index([0-9-]+)\.html$ http://REMOVED/showthread.php/$4-$3/page$5
RedirectMatch 301 ^/([A-Za-z0-9-]+)-([0-9-]+)/([A-Za-z0-9-_]+)-([0-9-]+)/index([0-9-]+)$ http://REMOVED/showthread.php/$4-$3/page$5
RedirectMatch 301 ^/([A-Za-z0-9-]+)-([0-9-]+)/([A-Za-z0-9-_]+)-([0-9-]+)/(.*)$ http://REMOVED/showthread.php/$4-$3
RedirectMatch 301 ^/([A-Za-z0-9-]+)-([0-9-]+)/([A-Za-z0-9-_]+)-([0-9-]+)/$ http://REMOVED/showthread.php/$4-$3

## Forums
RedirectMatch 301 ^/([A-Za-z0-9-]+)-([0-9-]+)/$ http://REMOVED/forumdisplay.php/$2-$1

Redirect 301 /content.php/324-2014-Arnold-Classic-photos-videos! http://REMOVED/showthread.php/234224-2014-Arnold-Classic-photos-amp-videos!?highlight=2014+arnold+classic+photos+video s

Redirect 301 /showthread.php/your-views-bb-com-30114.html http://REMOVED/search.php?searchid=1890113

ErrorDocument 400 /400.php
ErrorDocument 401 /401.php
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php


Appreciate the help,
Rich

Try this my Man ....


# Always use https for secure connections
# Replace 'www.example.com' with your domain name
# (as it appears on your SSL certificate)
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursite.com/$1 [R=301,L]

RewriteCond %{HTTP_HOST} ^yoursite.com$
RewriteRule ^(.*)$ "https\:\/\/www\.yoursite\.com\/$1" [R=301,L]


# To redirect both www and non www
RewriteCond %{HTTP_HOST} ^yoursite\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$
RewriteRule ^/?$ "https\:\/\/www\.yoursite\.com" [R=301,L]

I also encountered problems in the AdminCP with HTTPS and Cloudflare. This is what I had to change:

/admincp/index.php look around line 495, and replace the $mainframe variable with
$mainframe = "<frame src=\"" . str_replace("http://", "https://", iif(!empty($vbulletin->GPC['loc']) AND !preg_match('#^[a-z]+:#i', $vbulletin->GPC['loc']), create_full_url($vbulletin->GPC['loc']), "index.php?" . $vbulletin->session->vars['sessionurl'] . "do=home")) . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";

Thanks brother,

I tried that one earlier and I could not get on. I have to look at the rest of my htaccess.

I have decided to revert my main url's back to http for now.. Too many issues and some of them may be from Cloudflare. Thought I had this almost done but Chrome was giving me major issues.

As of right now my ads are using https as are other components though the main urls are still http.

PITA..

Thanks for the assistance bro

--------------- Added 1480630464 at 1480630464 ---------------

I also encountered problems in the AdminCP with HTTPS and Cloudflare. This is what I had to change:

/admincp/index.php look around line 495, and replace the $mainframe variable with
$mainframe = "<frame src=\"" . str_replace("http://", "https://", iif(!empty($vbulletin->GPC['loc']) AND !preg_match('#^[a-z]+:#i', $vbulletin->GPC['loc']), create_full_url($vbulletin->GPC['loc']), "index.php?" . $vbulletin->session->vars['sessionurl'] . "do=home")) . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";
I just posted before I saw this. Let me take a look and maybe this is what I need. :)

Thanks

--------------- Added 1480630717 at 1480630717 ---------------

I also encountered problems in the AdminCP with HTTPS and Cloudflare. This is what I had to change:

/admincp/index.php look around line 495, and replace the $mainframe variable with
$mainframe = "<frame src=\"" . str_replace("http://", "https://", iif(!empty($vbulletin->GPC['loc']) AND !preg_match('#^[a-z]+:#i', $vbulletin->GPC['loc']), create_full_url($vbulletin->GPC['loc']), "index.php?" . $vbulletin->session->vars['sessionurl'] . "do=home")) . "\" name=\"main\" scrolling=\"yes\" frameborder=\"0\" marginwidth=\"10\" marginheight=\"10\" border=\"no\" />\n";

How did you have the Crypto page set on Cloudflare Dave?

Thanks brother,

I tried that one earlier and I could not get on. I have to look at the rest of my htaccess.

I have decided to revert my main url's back to http for now.. Too many issues and some of them may be from Cloudflare. Thought I had this almost done but Chrome was giving me major issues.

As of right now my ads are using https as are other components though the main urls are still http.

PITA..

Thanks for the assistance bro

--------------- Added 1480630464 at 1480630464 ---------------


I just posted before I saw this. Let me take a look and maybe this is what I need. :)

Thanks

--------------- Added 1480630717 at 1480630717 ---------------



How did you have the Crypto page set on Cloudflare Dave?

Default settings as far as I know: flexible SSL, HSTS on, origin pulls off, opportunistic encryption on, TLS 1.3 on, automatic HTTPS rewrites on.

Thanks, I will give this another go in a few minutes. :)

Any idea as to what was messing up my htaccess redirects? I tried Cheech's above and I had this one as well:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www\.(.*)
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

neither of these worked and gave me redirect errors..

Thanks again guys,
Rich

Ah yeah ! I had cloudflare too and it didn't work with the https ... they do say it has problems with it for some reason ... sorry my Man ...

Ah yeah ! I had cloudflare too and it didn't work with the https ... they do say it has problems with it for some reason ... sorry my Man ...That's ok brother, Thanks! :up:

--------------- Added 1480635993 at 1480635993 ---------------

Ah yeah ! I had cloudflare too and it didn't work with the https ... they do say it has problems with it for some reason ... sorry my Man ...I like Cloudflare but the plan I have is currently $20 The next one up is $200. :eek: I think that is the plan I need to use my own cert that I already have..I think my issue is that I need to use their cert.

Yeah I think so too ... that is what I remember from talking with hostgator about it all ...

I've used without issue in the past :


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://YOURSITE$1 [R,L]

RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


Then I just created a a page rule On cloudflare and disabled performance on the admincp and had no issues.

Looks like they will get me for another $5 per month just to use a decent cert from them.. I think that will do the trick though.

Will still need to figure out my htaccess but that should do it hopefully..

--------------- Added 1480636366 at 1480636366 ---------------

I've used without issue in the past :


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://YOURSITE$1 [R,L]

RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Then I just created a a page rule On cloudflare and disabled performance on the admincp and had no issues.

Thanks, I will try that htaccess

I already have everything bypassed for admincp. :)

--------------- Added 1480636898 at 1480636898 ---------------

I cannot understand why everything is messed up in Chrome.. looks like my entire theme is screwed up.

I cannot understand why everything is messed up in Chrome.. looks like my entire theme is screwed up.

Looks OK to me.

Ok, I fixed that.. just had to add the full url to those images for the theme.

I just need to figure out my htaccess next and done. :)

I hate chrome dude ... I stay with firefox exclusively ...

I hate chrome dude ... I stay with firefox exclusively ...I usually do but lately firefox has been sluggish and laggy mostly due to my speeddials and the sheer amount of tabs I have open at any one time.

Chrome seems to handle it ok but it is not always so friendly.

I have actually tried the latest IE and it is pretty quick but it doesn't have the tools I need, webdeveloper tool bar, Firebug, etc..

Anyways I use Firefox mostly still though my sites have to be user friendly to everyone.

This is my .htaccess:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.christforums\.org [OR,NC]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.christforums.org%{REQUEST_URI} [NE,R=301,L]

Regarding Browsers, I now use Brave. Ex Mozilla CEO Is Back (https://www.lifesitenews.com/news/shunned-for-supporting-traditional-marriage-former-mozilla-ceo-is-back-with)

For a direct link to Brave: https://brave.com/

I haven't any issue now with Cloudflare, though I did have to create a pagerule for the admincp. Rocket Loader is off for pages that have the Ckeditor, but overall Cloudflare has increased performance and lowered my page load time by several seconds. My load times are consistently under two seconds.

Enjoy,
Shim

Ok, I got a working solution. I did this myself and I am not very skilled at htaccess so please let me know if this is ok:

Options +FollowSymLinksRewriteEngine onRewriteBase /RewriteCond %{HTTP_HOST} ^mysite\.com$ [NC]RewriteCond %{HTTP_HOST} ^mysite\.com$ [NC]RewriteRule ^(.*)$ https://mysite.com/$1 [L,R=301]

--------------- Added 1480654997 at 1480654997 ---------------

The solution I found that works better than htaccess is to use page rules in cloudflare. The only issue is that browsers will still have issues with mixed content such as images from third party sites not using https..

I have been using that import plug in for years so hopefully we will not have an issue with this. The plug in has a url replace setting so just put in your https://yoursite.XXX

--------------- Added 1480656801 at 1480656801 ---------------

Hmmmmm

I have everything set I believe but I am having issues now with both browsers in the admincpanel.

I cannot rebuild the search table because it will not load the next page. This is javascript..

When updating settings I do not ever get to the new page once completed.

I did update some of the urls for jquery, etc to include https


##Dave I did incorporate your change but it has helped this issue..

--------------- Added 1480658962 at 1480658962 ---------------

I also encountered problems in the AdminCP with HTTPS and Cloudflare. This is what I had to change:

/admincp/index.php look around line 495, and replace the $mainframe variable with
$mainframe = "<frame src="" . str_replace("http://", "https://", iif(!empty($vbulletin->GPC['loc']) AND !preg_match('#^[a-z]+:#i', $vbulletin->GPC['loc']), create_full_url($vbulletin->GPC['loc']), "index.php?" . $vbulletin->session->vars['sessionurl'] . "do=home")) . "" name="main" scrolling="yes" frameborder="0" marginwidth="10" marginheight="10" border="no" />\n";

When I use this I get:
PHP Warning: trim() expects parameter 1 to be string, array given in ..../includes/adminfunctions_options.php on line 1032

when saving admincp options..

Everything seems to be working fine except for the admincp.. I can see that the the url that pushes to the next page as in the image below are not https:// for some reason..

The error PHP Warning: trim() expects parameter 1 to be string, array given in ..../includes/adminfunctions_options.php on line 1032

Seems to be caused by a plugin because it happens in the validate_setting_value function.

This is the htaccess I ended up using. This redirects everything to https://

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

I am still having some issues inside the admincp.

I cannot use the user search now. In firefox it will not search at all and in Chrome the section where the search is shows up blank once I trigger a search.

Also, if I edit a forum it never finishes and redirects back. Same thing when I edit an option in the settings. Then if I look at the link below where it says the following:

If you are not automatically redirected, please click here.
Processing Complete - Proceed

Both of those links show no https://

I really need these functions fixed. Especially the user search. Some help would be appreciated please. :)

The change to the PHP file I supplied a couple of posts ago did not fix that? I had the same issue and changing that fixed it for me.

The change to the PHP file I supplied a couple of posts ago did not fix that? I had the same issue and changing that fixed it for me.
Thanks Dave but no, no change with that. I am not getting an error any more but it is not fixing the issue.

Thanks Dave but no, no change with that. I am not getting an error any more but it is not fixing the issue.


RICHIE, you finally resolve this issue? i have the same problem.

i made a whm/cpanel module for lets encrypt which handles everything for you. just select the domain/subdomain you want to install it on and it handles everything else...

attached a few screens for you to look at....

I switched a long time ago because of this :D makes it so easy why wouldn't you :D

RICHIE, you finally resolve this issue? i have the same problem.I never did resolve the issue but my work around is to use firefox, click on the yellow triangle warning in the url box and click disable security.. I do this in the admincp only..

--------------- Added 1482002174 at 1482002174 ---------------

i made a whm/cpanel module for lets encrypt which handles everything for you. just select the domain/subdomain you want to install it on and it handles everything else...

attached a few screens for you to look at....

I switched a long time ago because of this :D makes it so easy why wouldn't you :D
I have Plesk. :)

Internal links still need to be changed, settings, etc. Adding the certificate itself is really easy. I use Cloudflare and their cert so that aspect is even easier.

I think there are still issues with certain areas of Vbulletin itself and some plug ins..

Thanks through..would use your plug for sure if I had cpanel.. :up:

Those getting mixed content warnings in the admincp, please make the file changes here:
http://www.vbulletin.com/forum/node/4355527

These changes will work for either vB3 or vB4 (not needed in vB5).
They are applied by default in 3.8.11 and 4.2.5.

Those getting mixed content warnings in the admincp, please make the file changes here:
http://www.vbulletin.com/forum/node/4355527

These changes will work for either vB3 or vB4 (not needed in vB5).
They are applied by default in 3.8.11 and 4.2.5.

I don't have those changes at all and I don't get mixed content warnings in the admincp and it always displays the greed padlock ....just saying ...

I don't have those changes at all and I don't get mixed content warnings in the admincp and it always displays the greed padlock ....just saying ...

Same here... I also use an image importer to fix mixed content warnings in the forums/CMS/Blog etc.. So far I am keeping everything secure with no mixed content warnings by doing nothing other than installing the SSL and adding the image importer.

I actually made the changes to the admincp/index.php and I still have the issues with mixed content.

In addition when I click on those processing links with in the admincp they still show urls that do not have https://..

What version of Vbulletin do you guys have?

I actually made the changes to the admincp/index.php and I still have the issues with mixed content.

In addition when I click on those processing links with in the admincp they still show urls that do not have https://..

What version of Vbulletin do you guys have?

I'm using 4.2.3. Not sure how much help it will be. I hope you get it sorted out Richie

I think I'm going to make a guide soon on how to move to HTTPS on a fresh vBulletin installation. (latest vB4 version) I'll see what errors I encounter and maybe that will help you and other people in the future.

I don't have those changes at all and I don't get mixed content warnings in the admincp and it always displays the greed padlock ....just saying ...

Same here... I also use an image importer to fix mixed content warnings in the forums/CMS/Blog etc.. So far I am keeping everything secure with no mixed content warnings by doing nothing other than installing the SSL and adding the image importer.

I think I'm going to make a guide soon on how to move to HTTPS on a fresh vBulletin installation. (latest vB4 version) I'll see what errors I encounter and maybe that will help you and other people in the future.Dave, how about a guide for an old installation using cloudflare and customized heavily? :)

I have actually converted a few sites in the past without a hitch, no modifications needed. The issue here could be related to my cloudflare cert seeing as the way it is done through cloudflare at least with the package I have is to have the ssl cert actually hosted at cloudflare.. This could be the issue even though I cannot understand why it works every where else. I cannot find anything url wise that needs to be changed in the database or the templates.

The fact that I see a non ssl url inside the admincp though is a dead giveaway that something is wrong. I am talking about the links used when you save a setting edit or a plug in change. You get that page that says processing.. Mine shows a non https:// url. I get past that page now though and then get solid white. Clicking those links does nothing.

Dave, how about a guide for an old installation using cloudflare and customized heavily? :)

I have actually converted a few sites in the past without a hitch, no modifications needed. The issue here could be related to my cloudflare cert seeing as the way it is done through cloudflare at least with the package I have is to have the ssl cert actually hosted at cloudflare.. This could be the issue even though I cannot understand why it works every where else. I cannot find anything url wise that needs to be changed in the database or the templates.

The fact that I see a non ssl url inside the admincp though is a dead giveaway that something is wrong. I am talking about the links used when you save a setting edit or a plug in change. You get that page that says processing.. Mine shows a non https:// url. I get past that page now though and then get solid white. Clicking those links does nothing.

I also run Cloudflare with HTTPS (Cloudflare SSL only) enabled on my forum (about 900k posts) and I don't really have any problems. I only had one problem in the past and that was the HTTP error in the AdminCP which I fixed by modifying one of the PHP files.

I think I'm going to make a guide soon on how to move to HTTPS on a fresh vBulletin installation. (latest vB4 version) I'll see what errors I encounter and maybe that will help you and other people in the future.

That would be helpful to a large number of people who never saw the need for https up 'til now. Honestly, if you're not collecting personal data there is no need for encryption but Google is gonna Google.

This covers most scenarios:
https://www.vbulletin.com/forum/articles/4361080-converting-your-forum-to-https

--------------- Added 1482190258 at 1482190258 ---------------

I don't have those changes at all and I don't get mixed content warnings in the admincp and it always displays the greed padlock ....just saying ...

If you're not having mixed content issues in the admincp then there is no need to make the change, as my post says. :)

I also run Cloudflare with HTTPS (Cloudflare SSL only) enabled on my forum (about 900k posts) and I don't really have any problems. I only had one problem in the past and that was the HTTP error in the AdminCP which I fixed by modifying one of the PHP files.

I wish I knew what the variable is that has your site working and not mine even with the changes. What version of Vbulletin do you have and what version of Cloudflare?

Thanks

--------------- Added 1482195432 at 1482195432 ---------------

Those getting mixed content warnings in the admincp, please make the file changes here:
http://www.vbulletin.com/forum/node/4355527

These changes will work for either vB3 or vB4 (not needed in vB5).
They are applied by default in 3.8.11 and 4.2.5.
Thanks Mark! I am not sure why this is not working on my site. It could just be that I have to clear the Cloudflare cache but I will just wait a bit longer until it updates.. Maybe this will do the trick.

now that my host has enabled Let's Encrypt on my server, I need to look into getting SSL working. I have not fully followed/read through this thread, but is there a basic how-to on this subject?

I will browse this thread and gather what I can though.

now that my host has enabled Let's Encrypt on my server, I need to look into getting SSL working. I have not fully followed/read through this thread, but is there a basic how-to on this subject?

I will browse this thread and gather what I can though.
Mark posted a good How to right here:

https://vborg.vbsupport.ru/showpost.php?p=2579653&postcount=45

I would be interested to know of any specific code changes (for 4.2.5 / 3.8.11).

Some have already been applied in Beta 1, and I have updated a few more hard coded http links in Beta 2 to be either https, or protocol relative.

Mark posted a good How Too right here:

https://vborg.vbsupport.ru/showpost.php?p=2579653&postcount=45

awesome, thanks!

Anyone making the jump? Google chrome is starting to become an issue for sites not using an ssl as is Apple. I found out a couple days ago my IOS app will not be working as of January 1 unless I use https..

Does anyone have any strategy or plans for switching?

@RichieBoy67
Hello,
I want to install SSL to my page also, i think your SSL is working good. Did you change, install or edit somewhere in your page for don't face any problem because we didn't install SSL we faced too many problems.

Thanks.

Yes, moving to HTTPS as we speak. I still have some plugins to fix but I think that next week all will be solved and I can upload the new apps to Google and Apple.

To all, just move to https completely.

@RichieBoy67
Hello,
I want to install SSL to my page also, i think your SSL is working good. Did you change, install or edit somewhere in your page for don't face any problem because we didn't install SSL we faced too many problems.

Thanks.

There is guide posted above which covers everything.

Does any one has opinion which is better to use?
Trustwave EasyTrust SSL
or
Comodo Essential SSL

Thanks

Does any one has opinion which is better to use?
Trustwave EasyTrust SSL
or
Comodo Essential SSL


Thanks

No difference at all.
You can save yourself some money and get a free SSL certificate using https://letsencrypt.org/.

Thanks Dave for the answer. Actually I tried the free "Let's Encrypt" from my plesk but nothing change. I will try it again.

I would be interested to know of any specific code changes (for 4.2.5 / 3.8.11).

Some have already been applied in Beta 1, and I have updated a few more hard coded http links in Beta 2 to be either https, or protocol relative.

Hi, im on (vBulletin 4.2.3 Patch Level 2), where are that versions?

I would be interested to know of any specific code changes (for 4.2.5 / 3.8.11).

Some have already been applied in Beta 1, and I have updated a few more hard coded http links in Beta 2 to be either https, or protocol relative.

Im using 4.2.5 without any problems at this moment

https://www.turiver.com/foros/

There is also an option in Beta 2 to force the detected scheme to http or https.

Hi, im on (vBulletin 4.2.3 Patch Level 2), where are that versions?
I dont understand your question :confused:

There is also an option in Beta 2 to force the detected scheme to http or https.


I dont understand your question :confused:

I didnt notice that on members.vb there were beta versions. Sorry.

I am using beta and still having issues with the admincp..everything else is fine though..

I am using beta and still having issues with the admincp..everything else is fine though..
Mke sure the edits here are in place:
http://www.vbulletin.com/forum/node/4355527

Need some expert help please!

This is what our old .htacess redirects looked like:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^yoursitename\.com$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ http://yoursitename.com/$1 [L,R=301]What would be needed for redirect to https?

Thanks!

Need some expert help please!

This is what our old .htacess redirects looked like:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^yoursitename\.com$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ http://yoursitename.com/$1 [L,R=301]What would be needed for redirect to https?

Thanks!

It so depends. Did you try changing RewriteRule ^(.*)$ http://yoursitename.com/$1 [L,R=301] to RewriteRule ^(.*)$ https://yoursitename.com/$1 [L,R=301] ?

I have
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP_HOST} ^www\.webhostingtalk\.nl$ [NC]
RewriteRule .? https://www.webhostingtalk.nl%{REQUEST_URI} [L,R=301]
And that works. :)

The forum is 100% https now. It wasn't that hard I must say. Some scripting that needed to be changed and also some hardcoded http// but that was it.

Next step, HTTP/2 but Varnish 4.x doesn't do that.

I figured out the issue!

The issue was Rocket Loader..

One of the things you need to do if you are switching to ssl with cloudflare is to just disable rocket loader and then re-enable. Otherwise it will use your old urls for jquery like:http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

This must use a separate cache..

I wish I got a pound for every issue cloudflare causes, i'd probably be able to retire by now.

I wish I got a pound for every issue cloudflare causes, i'd probably be able to retire by now.
I agree Paul. It can be a hassle but I believe the benefits for me at least out weight the negative aspects. It has been challenging and a learning process.

I wish I got a pound for every issue cloudflare causes, i'd probably be able to retire by now.

That being the case, why do so many insist upon using it? :confused:

That being the case, why do so many insist upon using it? :confused:
For one it allows me to use external dns and having a very image heavy site it literally shaves seconds off page load time. The last reason I use it is for security reasons. I cannot count the amount of times this has saved me issues from ddos attacks and even many probes are dealt with by cloudflare before they even get to my server.

Yes it has been a pita but I am pretty happy with it overall when I have it functioning correctly.

I wish I got a pound for every issue cloudflare causes, i'd probably be able to retire by now.

Is it possible that on latest beta there its a problem with special characters while logged out?

That being the case, why do so many insist upon using it? :confused:
I have no idea, I would not go near it - I guess they are good at marketing what is basically a supersized proxy service.

Is it possible that on latest beta there its a problem with special characters while logged out?
Huh ?

I have no idea, I would not go near it - I guess they are good at marketing what is basically a supersized proxy service.
Huh ?

I do not want to get too far off topic here but Cloudflare is much, much more than a proxy service.


Regarding ssl, I have installed letsencrypt onto my server and it worked well for most of my other sites. Great feature!

The only issue I have now is that the images I have imported over the years using the image import plug in are using http:// so those posts are still showing as mixed content.. Same with some of the previous images uploaded via tapatalk.

Everything else is perfect though now.

I do not want to get too far off topic here but Cloudflare is much, much more than a proxy service.


Regarding ssl, I have installed letsencrypt onto my server and it worked well for most of my other sites. Great feature!

The only issue I have now is that the images I have imported over the years using the image import plug in are using http:// so those posts are still showing as mixed content.. Same with some of the previous images uploaded via tapatalk.

Everything else is perfect though now.

In re SSL, I'm not using it unless the site requires it for legitimate purposes, such as financial transactions or personal identifying information.

Google can kiss my ass.

In re SSL, I'm not using it unless the site requires it for legitimate purposes, such as financial transactions or personal identifying information.

Google can kiss my ass.

Well maybe so but if you rely on organic traffic and web browsers at some point you will have no choice.

The main reason I did it though now was for my Apple app. SSL is already or will be required some time this month for it to work.

Google can kiss my ass.
Unfortunately, its not just Google that are getting hysterical now.

Chrome are going to start flagging non SSL pages with password fields on them, others will no doubt follow suit.

Unfortunately, its not just Google that are getting hysterical now.

Chrome are going to start flagging non SSL pages with password fields on them, others will no doubt follow suit.

Chrome is Google but yeah, I heard this as well.. other browsers will be following suit. I am sure Safari will be one of the first.

Everybody, just do it!

I do not want to get too far off topic here but Cloudflare is much, much more than a proxy service.


Regarding ssl, I have installed letsencrypt onto my server and it worked well for most of my other sites. Great feature!

The only issue I have now is that the images I have imported over the years using the image import plug in are using http:// so those posts are still showing as mixed content.. Same with some of the previous images uploaded via tapatalk.

Everything else is perfect though now.

SQL query it away?

UPDATE post SET pagetext = REPLACE(pagetext,
'http://path-to-image-store.com/',
'https://path-to-image-store.com/');


Take a backup etc..

SQL query it away?

UPDATE post SET pagetext = REPLACE(pagetext,
'http://path-to-image-store.com/',
'https://path-to-image-store.com/');
Take a backup etc..
Thanks, I was actually planning on that. That should be the last thing left to do.:)

I had a horrible experience, I turn my forum to htpps, all was fine.
until i made a logout. I saw that as a guest all my forums are centering (all post, text and images was in center, when I loged in all is ok again.

Has any one this experience?. I panic for a little and back my forum to http.
Problem with centering was in all browsers and all skin, even standar skin.

I had a horrible experience, I turn my forum to htpps, all was fine.
until i made a logout. I saw that as a guest all my forums are centering (all post, text and images was in center, when I loged in all is ok again.


Has any one this experience?. I panic for a little and back my forum to http.
Problem with centering was in all browsers and all skin, even standar skin.
Sounds like the css url is still http://

Try updating styles too in the maintenance section.

Try updating styles too in the maintenance section.I did that, Why when I log, than it is all as supposed to be.
Secure is ok in both situations, that means all guests will see my forum centered
Thank you for the answers

Everybody, just do it!

Are you paying for it? Some of us can't use use free SSL certificates.

I did that, Why when I log, than it is all as supposed to be.
Secure is ok in both situations, that means all guests will see my forum centered
Thank you for the answers
Did you try searching your templates and plug ins for http:// ??

--------------- Added 1483652671 at 1483652671 ---------------

Are you paying for it? Some of us can't use use free SSL certificates.
Well you can get a paid one for like $10 a year..There are free ones as well. Why can't you get a free one?

Are you paying for it? Some of us can't use use free SSL certificates.
Why cant you use free ones ?

Quick question - if you had google analytic's running before the switch to https do you have to start and make a new account on google or can you just go into your google account and change the urls over to https?

Not not analytics but you will need to create a new webmaster tools account.

Why cant you use free ones ?

The web host doesn't allow it.

I did that, Why when I log, than it is all as supposed to be.
Secure is ok in both situations, that means all guests will see my forum centered
Thank you for the answers

Make sure you are at 4.2.3 or above..

The web host doesn't allow it.

Then it's honestly time to find a new host...

Then it's honestly time to find a new host...They probably want to force her to buy one through them. :eek:

Did you try searching your templates and plug ins for http:// ??
I found the problem, I had an announcement about turning to https, I had these two in wrong order, so when user loged out there was a problem, now it is ok.
<div align="center">xxxxxx<div/>
<vb:if condition="$show['member']">xxxxxxxxx</vb:if>


Make sure you are at 4.2.3 or above..

For now I am in vb4.2.0 (Is there a problem with https??

Not not analytics but you will need to create a new webmaster tools account.
Is this correct? I must do that to?? Why?
I only insert the url of my forum with HTTPS, so I I have both. Is this wrong?



Thank you Richie for you help :)

--------------- Added 06 Jan 2017 at 20:04 ---------------

SQL query it away?

UPDATE post SET pagetext = REPLACE(pagetext,
'http://path-to-image-store.com/',
'https://path-to-image-store.com/');
Take a backup etc..
How exactly I will change this to https

http://www.MYSITE/users/10/Down12.png
http://www.MYSITE/users/133/up13.png


All links are the same until here,
http://www.MYSITE/users/


Thanks

Yes you need to add it to google webmaster tools. They treat it like a brand new url basically.

Don't know about that url but you should be able to find it either in a template or phpadmin. Could be a signature image.

--------------- Added 1483729061 at 1483729061 ---------------

SQL query it away?

UPDATE post SET pagetext = REPLACE(pagetext,
'http://path-to-image-store.com/',
'https://path-to-image-store.com/');
Take a backup etc..

This also needs to be done for phrases table, users table for signatures and any place else where a full local http:// url could be hiding.:up:

How exactly I will change this to https

http://www.MYSITE/users/10/Down12.png
http://www.MYSITE/users/133/up13.png


All links are the same until here,
http://www.MYSITE/users/

What is the source of the URL; is it in posts, signatures, some other table?

What is the source of the URL; is it in posts, signatures, some other table?
images in posts [IMG]

Thanks

images in posts [IMG]

Thanks

Assuming "mysite" is your forum url ...


UPDATE post SET pagetext = REPLACE(pagetext,
'http://www.mysite/users/',
'https://www.mysite/users/');


Usual backup warnings etc...

The web host doesn't allow it.
Seriously ?

Get a new host, who you get your SSL certificate from is non of their business.

Seriously ?

Get a new host, who you get your SSL certificate from is non of their business.

Easier said than done when you've paid for a year of dedicated hosting in advance. I would still like a reasonable explanation as to why Google considers this a necessity for sites which contain absolutely zero personal identifying information and conduct zero financial transactions. I'm sure we won't receive one. But there is something more to their insistence on SSL than our security. I think their advertisers are requesting or requiring it. Otherwise, I cannot imagine they would care in the least.

What is dedicated hosting?

You would have to ask Google, Apple, Microsoft, Mozilla and others for an explanation.

What a pita https is.
I clicked let's encrypt within my cpanel and went to working on changing all http to https. My site is heavily modified and still shows "Your connection to this site is not fully secure".
I went through all my plugins editing and find a few refuse to use https.
Having trouble wrapping my head around how to get some addons to accept https and others refuse to function using https....
Upgrading to the latest stable vb4 would be set up default https?

This should help..

https://www.whynopadlock.com/

And no, I do not think just doing an upgrade would save you though the latest beta works well with https:// it is not going to change your content.

Thanks Richie, I have been fixing links shown from whynopadlock. Exhausting.

Did you use this bro?

UPDATE post SET pagetext = REPLACE(pagetext, 'http://path-to-image-store.com/', 'https://path-to-image-store.com/');

No, do I need to? I seem to be having an issue with only one image that I can not find anywhere.

Now to get a couple addons working properly with https..

Check your signature table.. I found many non compliant images there

I went into phpadmin and did a search there for the non ssl urls..

I think I am winning.
I have one image that I cannot find anywhere.
http://anti-flag.com/forum/public/style_images/antiflag/exclamation.png

Any thoughts on finding it?

It's in your css somewhere - search in styles - /* format vBCode table */
)

#image {
line-height: 1.5em;
list-style-image: url(http://anti-flag.com/forum/public/style_images/antiflag/exclamation.png);
}

yep....it was there. Only place I did not search.
Thank you.

Great. All you need to do now is convert your ad servers to get rid of the mixed content warnings.

I am glad I switched to https.

Did you have any issues with (vb4) quick reply or the bbcodes showing page as insecure?

I have and had no issues with either eddie ... I have been on https for the last 5 years now

odd, on a friends vb4 site everything is perfect but only when the quick reply is shut off.
I turn it back on, the page shows insecure.
I checked and edited the custom bbcode to https, checked all default bbcode, thoughts?

odd, on a friends vb4 site everything is perfect but only when the quick reply is shut off.
I turn it back on, the page shows insecure.
I checked and edited the custom bbcode to https, checked all default bbcode, thoughts?

Double check the button image paths.

Triple checked... oddly enough, when adding insecure https URL to https://www.whynopadlock.com it shows the link as secure. I am baffled.

whynopadlock has limitations. For example, only registered members see the QR box - or any other elements you have chosen to hide from guest viewing

Very strange I don't see anywhere on my site what would possibly cause that either ...

--------------- Added 1489768605 at 1489768605 ---------------

Can you provide a link to yer' friends site ...

Very strange I don't see anywhere on my site what would possibly cause that either ...

--------------- Added 1489768605 at 1489768605 ---------------

Can you provide a link to yer' friends site ...

I got it worked out Cheech, I started my own thread about it even though I hijacked this one pretty good.

Hi all!

Did anyone encounter problems with avatars not working after migrating to https? The images are in the directory, but when viewing the avatar manager (and the individual users), they are not showing up. Stumped here...

Am using WP and VB and am wondering how to fix my .htaccess as well.

Paula

It has been awhile but I used replacement variables. I believe that fixed the avatars.

I used this in htaccess:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

For wordpress there is a plug in. I will look at one of my sites and let you know what it is. I cannot recall right now.

##
The wordpress plug in is Really Simple SSL

You may still have to do work though to fix it depending on plug ins, themes, widgets, etc. I did on a couple of my sites.

Hi all!

Did anyone encounter problems with avatars not working after migrating to https? The images are in the directory, but when viewing the avatar manager (and the individual users), they are not showing up. Stumped here...

Am using WP and VB and am wondering how to fix my .htaccess as well.

Paula

I moved to https but didn't have problem with avatars.

Are you sure you pointed right url patch for your attachments in admincp?

Yep.

I moved my forum to https the beginning of last year, no issues at all on my end.