I'm guessing this isn't something anyone really wants to talk about. My vBulletin 3 sites seem to find SSL very attractive. No problems. vBulletin 4 is another story. Is anyone running SSL on vB4 without any problems? A few issues I've encountered so far...

1. The editor doesn't work anymore. You need to edit code in class_bootstrap.php to fix that problem. FIXED BY DAVE

2. The "Reply With Quote" button doesn't work anymore - unless you click it once, wait for the spinning "loading" gif to appear - and then click again. Just double clicking doesn't work. FIXED BY DAVE

3. Attachments don't work. You can get as far as clicking submit to upload your file - but then the attachment window just fills with a vBulletin page that states you don't have permission to do what you're doing...

4. Quick User Finder doesn't work anymore and if I search for an email address, I can only search for the domain name - like "gmail.com" - the @ sign or anything before it will prevent it from working. I can hit enter or submit and the data will just clear out...

That's all I found before I gave up and turned SSL off... If anyone would like to talk about their challenges and/or successes, please do...

I'm guessing this isn't something anyone really wants to talk about. My vBulletin 3 sites seem to find SSL very attractive. No problems. vBulletin 4 is another story. Is anyone running SSL on vB4 without any problems? A few issues I've encountered so far...

1. The editor doesn't work anymore. You need to edit code in class_bootstrap.php to fix that problem.

2. The "Reply With Quote" button doesn't work anymore - unless you click it once, wait for the spinning "loading" gif to appear - and then click again. Just double clicking doesn't work.

3. Attachments don't work. You can get as far as clicking submit to upload your file - but then the attachment window just fills with a vBulletin page that states you don't have permission to do what you're doing...

That's all I found before I gave up and turned SSL off... If anyone would like to talk about their challenges and/or successes, please do...
I did not have those problems at all and there already is a discussion going on about switching to https://..

What version of Vbulletin are you using?

I moved all my vb4 boards over to https a few weeks back and had none of those issues, I just changed the site url in the admincp, added a few replacement variables to catch anything I'd hard coded to http and rebuilt the styles - all done and working fine within 15 minutes.

I did not have those problems at all and there already is a discussion going on about switching to https://..

What version of Vbulletin are you using?

That's awesome. I wonder if it has something to do with the type of certificate used. I use a free certificate from Cloudflare. Is THIS the discussion you're referring to?:
https://vborg.vbsupport.ru/showthread.php?t=322813

If not, would you point me in the right direction?

I moved all my vb4 boards over to https a few weeks back and had none of those issues, I just changed the site url in the admincp, added a few replacement variables to catch anything I'd hard coded to http and rebuilt the styles - all done and working fine within 15 minutes.

Wow. Nice... I wonder if the replacement variables did the trick. You didn't even have to deal with this?:
http://tracker.vbulletin.com/browse/VBIV-15721

Your problem sounds like JavaScript files that are still loaded over HTTP.
If you open up the developer tools (F12) in Chrome and refresh the page that has issues, you should see some red errors in the console tab that indicate what's going wrong.

Wow. Nice... I wonder if the replacement variables did the trick. You didn't even have to deal with this?:
http://tracker.vbulletin.com/browse/VBIV-15721

No I didn't have to deal with that, everything just worked fine.

As Dave has said open your F12 developer tools on the console and check the errors, most things should be easy enough to sort.

I think this is the thread RichieBoy67 meant: https://vborg.vbsupport.ru/showthread.php?t=323946

I moved to https just recently as well, using Let's Encrypt, and I did not have any issues. I didn't use any replacements vars, but I did edit my templates and changed everything which was hard coded. I used a SQL query to find them all.

Also, this link was a huge help with some of the cleanup things: https://www.vbulletin.com/forum/articles/4361080-converting-your-forum-to-https

Thanks, guys. I read that discussion just now... I have a "stock", unmodified vB4 running the latest non-beta version that I use to test things here:
https://lf3performance.com/

I just converted that over to SSL and it's got all the issues. Considering it's unmodified - I wonder if there's a certain type of server setting that's causing my problems. If some of you guys are simply installing the SSL certificate and updating the URLs in the Admin CP to get it working - then I'm surprised. I guess you're lucky...

Have you tried using the style variable replacement tool to convert: "http://www.lf3performance.com" to "https://www.lf3performance.com"? Also try clearing the server cache in the AdminCP under maintenance.

When I check the source code of the forum, I still see a couple of references to the HTTP version of your site.

(index):93 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/spacer.gif'. This content should also be served over HTTPS.
(index):280 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/navbit-home.png'. This content should also be served over HTTPS.
(index):329 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/collapse_40b.png'. This content should also be served over HTTPS.
(index):345 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):378 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):429 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):447 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/subforum_old-48.png'. This content should also be served over HTTPS.
(index):477 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):529 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/collapse_40b.png'. This content should also be served over HTTPS.
(index):545 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):578 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):629 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):666 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):696 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/icons/icon14.png'. This content should also be served over HTTPS.
(index):699 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):750 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):783 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):865 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/forum_stats.png'. This content should also be served over HTTPS.
(index):881 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/legend.png'. This content should also be served over HTTPS.
(index):884 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_new-16.png'. This content should also be served over HTTPS.
(index):885 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-16.png'. This content should also be served over HTTPS.
(index):887 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/category-16.png'. This content should also be served over HTTPS.
(index):888 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_link-16.png'. This content should also be served over HTTPS.
(index):1 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/arrow.png'. This content should also be served over HTTPS.
(index):1 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/search.png'. This content should also be served over HTTPS.
(index):1 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure favicon 'http://www.lf3performance.com/favicon.ico'. This content should also be served over HTTPS.

<link rel="Shortcut Icon" href="http://www.lf3performance.com/favicon.ico" type="image/x-icon" />

var IMGDIR_MISC = "http://www.lf3performance.com/images/misc";
var IMGDIR_BUTTON = "http://www.lf3performance.com/images/buttons";



I also noticed that the site uses the www subdomain at some locations where at other locations it doesn't use it.

Ah! You beat me to that. I just updated all the images to /images/ and now I've got the nice green "lock" icon. But the other issues are still there...

Have you tried using the style variable replacement tool to convert: "http://www.lf3performance.com" to "https://www.lf3performance.com"? Also try clearing the server cache in the AdminCP under maintenance.

When I check the source code of the forum, I still see a couple of references to the HTTP version of your site.

(index):93 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/spacer.gif'. This content should also be served over HTTPS.
(index):280 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/navbit-home.png'. This content should also be served over HTTPS.
(index):329 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/collapse_40b.png'. This content should also be served over HTTPS.
(index):345 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):378 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):429 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):447 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/subforum_old-48.png'. This content should also be served over HTTPS.
(index):477 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):529 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/collapse_40b.png'. This content should also be served over HTTPS.
(index):545 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):578 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):629 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):666 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):696 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/icons/icon14.png'. This content should also be served over HTTPS.
(index):699 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):750 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-48.png'. This content should also be served over HTTPS.
(index):783 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/lastpost-right.png'. This content should also be served over HTTPS.
(index):865 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/forum_stats.png'. This content should also be served over HTTPS.
(index):881 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/legend.png'. This content should also be served over HTTPS.
(index):884 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_new-16.png'. This content should also be served over HTTPS.
(index):885 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_old-16.png'. This content should also be served over HTTPS.
(index):887 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/category-16.png'. This content should also be served over HTTPS.
(index):888 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/statusicon/forum_link-16.png'. This content should also be served over HTTPS.
(index):1 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/misc/arrow.png'. This content should also be served over HTTPS.
(index):1 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/buttons/search.png'. This content should also be served over HTTPS.
(index):1 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure favicon 'http://www.lf3performance.com/favicon.ico'. This content should also be served over HTTPS.

<link rel="Shortcut Icon" href="http://www.lf3performance.com/favicon.ico" type="image/x-icon" />

var IMGDIR_MISC = "http://www.lf3performance.com/images/misc";
var IMGDIR_BUTTON = "http://www.lf3performance.com/images/buttons";



I also noticed that the site uses the www subdomain at some locations where at other locations it doesn't use it.

Could you create a test account for us that we can use to login and look around?

Could you create a test account for us that we can use to login and look around?

Sure, I can do that. Are you looking for front end or back end?

Frontend only, that will allow us to look around and see if there's any other errors.

Frontend only, that will allow us to look around and see if there's any other errors.

Sure...

Username: Just Looking
Password: WF8C5DZmcwB2rje7

Thanks!

--------------- Added 1483043711 at 1483043711 ---------------

I forgot to mention that Quick User Finder doesn't work anymore and if I search for an email address, I can only search for the domain name - like "gmail.com" - the @ sign or anything before it will prevent it from working. I can hit enter or submit and the data will just clear out...

--------------- Added 1483044790 at 1483044790 ---------------

I might have just found another issue. When browsing from my mobile phone - clicking on a thread title doesn't click through to the discussion - it functions like I want to moderate...

1. HTTPS requires all resources to be loaded over HTTP on the page. If I check a thread then I notice that your signature has a picture in it that loads over HTTP.

2. Your headinclude template still has a variable that's pointing to HTTP: "var AJAXBASEURL = "http://lf3performance.com/";". The AJAXBASEURL is used to load CKEDITOR if I recall correctly. If this is a bug in vBulletin then just manually change it in the template.

3. This plugin is recommended: https://vborg.vbsupport.ru/showthread.php?t=288060

1. HTTPS requires all resources to be loaded over HTTP on the page. If I check a thread then I notice that your signature has a picture in it that loads over HTTP.

2. Your headinclude template still has a variable that's pointing to HTTP: "var AJAXBASEURL = "http://lf3performance.com/";". The AJAXBASEURL is used to load CKEDITOR if I recall correctly. If this is a bug in vBulletin then just manually change it in the template.

3. This plugin is recommended: https://vborg.vbsupport.ru/showthread.php?t=288060

Thank you. I'm looking into this stuff right now. I just updated that post before yours:

"I might have just found another issue. When browsing from my mobile phone - clicking on a thread title doesn't click through to the discussion - it functions like I want to moderate..."

Any thoughts on that? Perhaps the fix you just mentioned will take care of that...

--------------- Added 1483045109 at 1483045109 ---------------

I see this in the headinclude template:
var AJAXBASEURL = "{vb:raw ajaxbaseurl}";

What might I change that to?

I believe the ajaxbaseurl variable is generated based on the server settings. Since you use Cloudflare, the variable that vBulletin uses to determine whether HTTPS is used is not set and therefore it's still pointing to HTTP.

You can change it to
var AJAXBASEURL = "https://lf3performance.com/";

I believe the ajaxbaseurl variable is generated based on the server settings. Since you use Cloudflare, the variable that vBulletin uses to determine whether HTTPS is used is not set and therefore it's still pointing to HTTP.

You can change it to
var AJAXBASEURL = "https://lf3performance.com/";

That DID take care of the editor issue! That's a better fix than editing the class_bootstrap.php file. :) Thank you...

-- This also fixed that other issue I mentioned where in mobile, clicking a thread title opened the moderation settings...

--------------- Added 1483046107 at 1483046107 ---------------

My only other major issue is the attachments not working. The AdminCP issues go away if I turn off SSL for the back end - which is fine by me...

--------------- Added 1483113243 at 1483113243 ---------------

Does anyone have any clues as to why attachments might not work after switching to SSL/HTTPS?

I'm guessing this isn't something anyone really wants to talk about. My vBulletin 3 sites seem to find SSL very attractive. No problems. vBulletin 4 is another story. Is anyone running SSL on vB4 without any problems? A few issues I've encountered so far...

1. The editor doesn't work anymore. You need to edit code in class_bootstrap.php to fix that problem. FIXED BY DAVE

2. The "Reply With Quote" button doesn't work anymore - unless you click it once, wait for the spinning "loading" gif to appear - and then click again. Just double clicking doesn't work. FIXED BY DAVE

3. Attachments don't work. You can get as far as clicking submit to upload your file - but then the attachment window just fills with a vBulletin page that states you don't have permission to do what you're doing...

4. Quick User Finder doesn't work anymore and if I search for an email address, I can only search for the domain name - like "gmail.com" - the @ sign or anything before it will prevent it from working. I can hit enter or submit and the data will just clear out...

That's all I found before I gave up and turned SSL off... If anyone would like to talk about their challenges and/or successes, please do...

I am having same issues.

Where is @Paul M? we are needing your support to fix errors on vB 4.2.5 bt4, running with php 7.1

4.2.4&5 works absolutely fine on https, any issues you are having must be caused by local configuration or addons.

4.2.4&5 works absolutely fine on https, any issues you are having must be caused by local configuration or addons.

Main issue is I could not upload an image on new threads or new reply.
Anyone knows how to solve this problem first?

About 2 weeks ago our 4.2.2 forum started "acting strange"... 404 pages right and left. Didn't have a clue what was going on and meanwhile more than one distraught poster wondering if our site was down and why their shortcuts weren't working.

Went over our site URL details, Navigation, tried different browsers, clear cache, logged in and out and could NOT make sense of it. Site was up, htaccess file (briefly) zeroed. Still these maddening access issues.

And then everything cleared up... as if it had never happened. Which feels worse, as I'm sure you can relate.

Fast forward to this morning, checking site stats and there I see 2 domains listed. One is our regular site, and the second has (SSL) following. And suddenly the lights go on in this vaguely technical brain.

/rant It would appear that our site provider (URLJet) has begun transitioning our site, and that the gremlins two weeks ago were the result. No heads-up, no communication, just me and another member of the forum banging our heads for 2 days. I'd pay money to get someone from URLJet in my hands and shake them until their teeth rattled.

I have no doubt that URLJet has good intentions, but the lack of notice is maddening, and it's not the first time. Off to find out what our situation is. /rant off

About 2 weeks ago our 4.2.2 forum started "acting strange"... 404 pages right and left. Didn't have a clue what was going on and meanwhile more than one distraught poster wondering if our site was down and why their shortcuts weren't working.

Went over our site URL details, Navigation, tried different browsers, clear cache, logged in and out and could NOT make sense of it. Site was up, htaccess file (briefly) zeroed. Still these maddening access issues.

And then everything cleared up... as if it had never happened. Which feels worse, as I'm sure you can relate.

Fast forward to this morning, checking site stats and there I see 2 domains listed. One is our regular site, and the second has (SSL) following. And suddenly the lights go on in this vaguely technical brain.

/rant It would appear that our site provider (URLJet) has begun transitioning our site, and that the gremlins two weeks ago were the result. No heads-up, no communication, just me and another member of the forum banging our heads for 2 days. I'd pay money to get someone from URLJet in my hands and shake them until their teeth rattled.

I have no doubt that URLJet has good intentions, but the lack of notice is maddening, and it's not the first time. Off to find out what our situation is. /rant off

They switched your site to https:// without telling you? That is awful because many internal things need to be done when switching..

Be sure to create a new webmaster tools account in google for the new url..

Find a new host.

Thanks for the responses. To their credit, spent most of yesterday aft with URLJet on this and understand a little more about the issue. There still seems to be some confusion about how this was initiated (it may have actually been one of our admins :erm: ), but at any rate we now have a trial comodo ssl certificate that expires in June... at which point I assume we'll be looking at either going back to http or paying for an actual certificate.

The main thing is that our small, basic forum seems to have no further fallout, apart from a problem selecting multiple attachments- and we're using the latest "non-approved" uploader.swf. I'm not sure if this is related or not.

URLJet has generally been reliable. My main gripe is that there seems to be a lack of advance notice regarding server-level tasks... and that's probably a common complaint. On this issue, they're saying that they didn't initiate the http>https redirect, and as we seem to be more or less intact, I'm not going to argue the point.

Switched over to HTTPs today as the forum is only 3 weeks old and less than 500 posts.

Very straightforward and done within 15 minutes on 4.2.4. I think doing it early helped and don't need to worry about it moving forward.

Now just have to find some traffic!

Plug ins, posts containing old urls, signatures, etc can make it much more difficult.. A new site should be very easy to do though so you are lucky. :)

We just done the upgrade to 4.2.5 but cKeditor does not load over SSL. Tried changing the "var AJAXBASEURL = "https://domain.tld/"" but still did not work. Could you please help to make things properly working. TIA.

There shouldn't be any need to mess changing the ajaxbaseurl, as you are using 4.2.5 make sure you set the FORCE URL SCHEME to https in config.php (near the bottom).

We just done the upgrade to 4.2.5 but cKeditor does not load over SSL. Tried changing the "var AJAXBASEURL = "https://domain.tld/"" but still did not work. Could you please help to make things properly working. TIA.
Dont mess with such things, its only ends in tears.

1. Make sure "Always use Forum URL as Base Path" is set to Yes.

2. If that doesnt help, move to 4.2.5 and use the Force option in config.php.

Dont mess with such things, its only ends in tears.

1. Make sure "Always use Forum URL as Base Path" is set to Yes.

2. If that doesnt help, move to 4.2.5 and use the Force option in config.php.

Thanks Paul. It worked.

Dont mess with such things, its only ends in tears.

1. Make sure "Always use Forum URL as Base Path" is set to Yes.

2. If that doesnt help, move to 4.2.5 and use the Force option in config.php.

I am wondering when should use Force option in config.php file?

It doesn't have an obvious explanation on this command line

OK, in the 4.2.5 how to bypass cloudflare IP and log the real IPs of the visitors and posters.

The Real IP Address is: 108.162.212.254
The Real IP Host is: 108.162.212.254
The Proxy Server IP Address is: xxx.xx.xx.xx
The Proxy Host is: xxx.xx.xx.xx

Um, eh ?

What does this have to do with SSL ?

Um, eh ?

What does this have to do with SSL ?

Sorry my bad. I was sleepy so did not notice the typo.

Wanted to know how to get the real IP in Vb4.2.5 being under cloudflare protection. If we enable the proxy to real IP through the config.php, we get the posters' IP as below.

The Real IP Address is: 108.162.212.254 (cloudflare)
The Real IP Host is: 108.162.212.254 (cloudflare)
The Proxy Server IP Address is: xxx.xx.xx.xx (Real IP)
The Proxy Host is: xxx.xx.xx.xx (Real IP)

I believe you just need to add the cloudflare module to
Apache. No need to change anything in vBulletin, just
make sure cloudflare is in strict ssl mode.

Apologies for butting in...