|
Would anyone like to discuss moving to SSL/HTTPS?
I'm guessing this isn't something anyone really wants to talk about. My vBulletin 3 sites seem to find SSL very attractive. No problems. vBulletin 4 is another story. Is anyone running SSL on vB4 without any problems? A few issues I've encountered so far...
1. The editor doesn't work anymore. You need to edit code in class_bootstrap.php to fix that problem. FIXED BY DAVE 2. The "Reply With Quote" button doesn't work anymore - unless you click it once, wait for the spinning "loading" gif to appear - and then click again. Just double clicking doesn't work. FIXED BY DAVE 3. Attachments don't work. You can get as far as clicking submit to upload your file - but then the attachment window just fills with a vBulletin page that states you don't have permission to do what you're doing... 4. Quick User Finder doesn't work anymore and if I search for an email address, I can only search for the domain name - like "gmail.com" - the @ sign or anything before it will prevent it from working. I can hit enter or submit and the data will just clear out... That's all I found before I gave up and turned SSL off... If anyone would like to talk about their challenges and/or successes, please do... |
Quote:
What version of Vbulletin are you using? |
I moved all my vb4 boards over to https a few weeks back and had none of those issues, I just changed the site url in the admincp, added a few replacement variables to catch anything I'd hard coded to http and rebuilt the styles - all done and working fine within 15 minutes.
|
Quote:
https://vborg.vbsupport.ru/showthread.php?t=322813 If not, would you point me in the right direction? Quote:
http://tracker.vbulletin.com/browse/VBIV-15721 |
Your problem sounds like JavaScript files that are still loaded over HTTP.
If you open up the developer tools (F12) in Chrome and refresh the page that has issues, you should see some red errors in the console tab that indicate what's going wrong. |
Quote:
As Dave has said open your F12 developer tools on the console and check the errors, most things should be easy enough to sort. |
I think this is the thread RichieBoy67 meant: https://vborg.vbsupport.ru/showthread.php?t=323946
I moved to https just recently as well, using Let's Encrypt, and I did not have any issues. I didn't use any replacements vars, but I did edit my templates and changed everything which was hard coded. I used a SQL query to find them all. Also, this link was a huge help with some of the cleanup things: https://www.vbulletin.com/forum/arti...forum-to-https |
Thanks, guys. I read that discussion just now... I have a "stock", unmodified vB4 running the latest non-beta version that I use to test things here:
https://lf3performance.com/ I just converted that over to SSL and it's got all the issues. Considering it's unmodified - I wonder if there's a certain type of server setting that's causing my problems. If some of you guys are simply installing the SSL certificate and updating the URLs in the Admin CP to get it working - then I'm surprised. I guess you're lucky... |
Have you tried using the style variable replacement tool to convert: "http://www.lf3performance.com" to "https://www.lf3performance.com"? Also try clearing the server cache in the AdminCP under maintenance.
When I check the source code of the forum, I still see a couple of references to the HTTP version of your site. HTML Code:
(index):93 Mixed Content: The page at 'https://lf3performance.com/' was loaded over HTTPS, but requested an insecure image 'http://www.lf3performance.com/images/spacer.gif'. This content should also be served over HTTPS.HTML Code:
<link rel="Shortcut Icon" href="http://www.lf3performance.com/favicon.ico" type="image/x-icon" />HTML Code:
var IMGDIR_MISC = "http://www.lf3performance.com/images/misc"; |
Ah! You beat me to that. I just updated all the images to /images/ and now I've got the nice green "lock" icon. But the other issues are still there...
Quote:
|
Could you create a test account for us that we can use to login and look around?
|
Quote:
|
Frontend only, that will allow us to look around and see if there's any other errors.
|
Quote:
Username: Just Looking Password: WF8C5DZmcwB2rje7 Thanks! --------------- Added [DATE]1483043711[/DATE] at [TIME]1483043711[/TIME] --------------- I forgot to mention that Quick User Finder doesn't work anymore and if I search for an email address, I can only search for the domain name - like "gmail.com" - the @ sign or anything before it will prevent it from working. I can hit enter or submit and the data will just clear out... --------------- Added [DATE]1483044790[/DATE] at [TIME]1483044790[/TIME] --------------- I might have just found another issue. When browsing from my mobile phone - clicking on a thread title doesn't click through to the discussion - it functions like I want to moderate... |
1. HTTPS requires all resources to be loaded over HTTP on the page. If I check a thread then I notice that your signature has a picture in it that loads over HTTP.
2. Your headinclude template still has a variable that's pointing to HTTP: "var AJAXBASEURL = "http://lf3performance.com/";". The AJAXBASEURL is used to load CKEDITOR if I recall correctly. If this is a bug in vBulletin then just manually change it in the template. 3. This plugin is recommended: https://vborg.vbsupport.ru/showthread.php?t=288060 |
Quote:
"I might have just found another issue. When browsing from my mobile phone - clicking on a thread title doesn't click through to the discussion - it functions like I want to moderate..." Any thoughts on that? Perhaps the fix you just mentioned will take care of that... --------------- Added [DATE]1483045109[/DATE] at [TIME]1483045109[/TIME] --------------- I see this in the headinclude template: var AJAXBASEURL = "{vb:raw ajaxbaseurl}"; What might I change that to? |
I believe the ajaxbaseurl variable is generated based on the server settings. Since you use Cloudflare, the variable that vBulletin uses to determine whether HTTPS is used is not set and therefore it's still pointing to HTTP.
You can change it to HTML Code:
var AJAXBASEURL = "https://lf3performance.com/"; |
Quote:
-- This also fixed that other issue I mentioned where in mobile, clicking a thread title opened the moderation settings... --------------- Added [DATE]1483046107[/DATE] at [TIME]1483046107[/TIME] --------------- My only other major issue is the attachments not working. The AdminCP issues go away if I turn off SSL for the back end - which is fine by me... --------------- Added [DATE]1483113243[/DATE] at [TIME]1483113243[/TIME] --------------- Does anyone have any clues as to why attachments might not work after switching to SSL/HTTPS? |
Quote:
Where is @Paul M? we are needing your support to fix errors on vB 4.2.5 bt4, running with php 7.1 |
4.2.4&5 works absolutely fine on https, any issues you are having must be caused by local configuration or addons.
|
Quote:
Anyone knows how to solve this problem first? |
About 2 weeks ago our 4.2.2 forum started "acting strange"... 404 pages right and left. Didn't have a clue what was going on and meanwhile more than one distraught poster wondering if our site was down and why their shortcuts weren't working.
Went over our site URL details, Navigation, tried different browsers, clear cache, logged in and out and could NOT make sense of it. Site was up, htaccess file (briefly) zeroed. Still these maddening access issues. And then everything cleared up... as if it had never happened. Which feels worse, as I'm sure you can relate. Fast forward to this morning, checking site stats and there I see 2 domains listed. One is our regular site, and the second has (SSL) following. And suddenly the lights go on in this vaguely technical brain. /rant It would appear that our site provider (URLJet) has begun transitioning our site, and that the gremlins two weeks ago were the result. No heads-up, no communication, just me and another member of the forum banging our heads for 2 days. I'd pay money to get someone from URLJet in my hands and shake them until their teeth rattled. I have no doubt that URLJet has good intentions, but the lack of notice is maddening, and it's not the first time. Off to find out what our situation is. /rant off |
Quote:
Be sure to create a new webmaster tools account in google for the new url.. |
Find a new host.
|
Thanks for the responses. To their credit, spent most of yesterday aft with URLJet on this and understand a little more about the issue. There still seems to be some confusion about how this was initiated (it may have actually been one of our admins :erm: ), but at any rate we now have a trial comodo ssl certificate that expires in June... at which point I assume we'll be looking at either going back to http or paying for an actual certificate.
The main thing is that our small, basic forum seems to have no further fallout, apart from a problem selecting multiple attachments- and we're using the latest "non-approved" uploader.swf. I'm not sure if this is related or not. URLJet has generally been reliable. My main gripe is that there seems to be a lack of advance notice regarding server-level tasks... and that's probably a common complaint. On this issue, they're saying that they didn't initiate the http>https redirect, and as we seem to be more or less intact, I'm not going to argue the point. |
Switched over to HTTPs today as the forum is only 3 weeks old and less than 500 posts.
Very straightforward and done within 15 minutes on 4.2.4. I think doing it early helped and don't need to worry about it moving forward. Now just have to find some traffic! |
Plug ins, posts containing old urls, signatures, etc can make it much more difficult.. A new site should be very easy to do though so you are lucky. :)
|
We just done the upgrade to 4.2.5 but cKeditor does not load over SSL. Tried changing the "var AJAXBASEURL = "https://domain.tld/"" but still did not work. Could you please help to make things properly working. TIA.
|
There shouldn't be any need to mess changing the ajaxbaseurl, as you are using 4.2.5 make sure you set the FORCE URL SCHEME to https in config.php (near the bottom).
|
Quote:
1. Make sure "Always use Forum URL as Base Path" is set to Yes. 2. If that doesnt help, move to 4.2.5 and use the Force option in config.php. |
Quote:
|
Quote:
It doesn't have an obvious explanation on this command line |
OK, in the 4.2.5 how to bypass cloudflare IP and log the real IPs of the visitors and posters.
Code:
The Real IP Address is: 108.162.212.254 |
Um, eh ?
What does this have to do with SSL ? |
Quote:
Wanted to know how to get the real IP in Vb4.2.5 being under cloudflare protection. If we enable the proxy to real IP through the config.php, we get the posters' IP as below. Quote:
|
I believe you just need to add the cloudflare module to
Apache. No need to change anything in vBulletin, just make sure cloudflare is in strict ssl mode. Apologies for butting in... |
| All times are GMT. The time now is 02:56 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|