How to enable full ssl
 

I'll be discussing how to enable full ssl and how to block unsecure content here.

The first big thing to do comes from a vbulletin.com article and is revised a bit.

After you get this done, you want to set a rewrite rule in htaccess.

This is what I use to rewrite http to https.

Next go to cloudflare and enable these settings (under Crypto)
* SSL - Full
* Edge Certificates - make one "The certificates in the pack listed below are managed and auto-renewed by Cloudflare."
*HSTS
* Require Modern TLS - On
* Opportunistic Encryption - On
* TLS 1.3 - Enabled+0RTT
* Automatic HTTPS Rewrites - On

That does it for cloudflare, after doing all of the above, your site is ready for SSL!

*Important! One last thing to do to ensure full SSL compatability is making sure that no insecure requests come through, this is how to do it with a description of what it does in the link.

Pop this in your headerincludes

More info: CSP: upgrade-insecure-requests - HTTP | MDN



One extra thing that I do is use this mod. It fetches external images and serves them locally, meaning that they will not violate the mixed content policy due to the rewrite we did earlier.

There is also another mod that you can use to locally serve insecure (http) images.
https://vborg.vbsupport.ru/showthread.php?t=288060


CKEditor Loading Issues:
For users experiencing loading issues of ckeditor on vbulletin 4 with https enabled while using Chrome, here is a fix.

https://www.vbulletin.com/forum/foru...52#post4378752

After you enable https, you most likely will experience a drop in traffic for some time. You can read more about that here.
http://www.seoblog.com/2017/07/rankings-drop-https-ssl/

There are benefits including security plus using less server cpu & bandwidth. Some are

1. is binary, instead of textual
2. is fully multiplexed, instead of ordered and blocking
3. can therefore use one connection for parallelism
4. uses header compression to reduce overhead
5. allows servers to “push” responses proactively into client caches
6. Wait what? Don't worry - let's try to explain this a bit in layman's terms.

Binary instead of textual: this is something which makes transfer and parsing of the data much more efficient. Binary data transfer is also much less prone to errors.

Fully multiplexed: again, simply put, with HTTP the problem was that each connection was prone to blocking the connetions after it. Imagine yourself in the queue to get into your favourite sports match, but rather than having multiple entry points, you only had 1 turnstile. You can imagine that things can get very very slow. Multiplexing allows multiple files and requests to be transferred at the same time. In the turnstile example, rather than have one person going in at a time, we have 10 gates, with 10 turnstiles going in together.

Use one conection for parallelism: as we mentioned before, when a connection is expensive to create, if you keep creating and closing it for every resource you need, you're going to create a serious overhead issue. Multiplexing allows the same connection to be reused over and over again. Imagine the connection as a pipe through which data keeps flowing until you don't have any more data. Also, do note that for any website, you will typically have the browser talking to multiple web servers for various 3rd party scripts and resources (Facebook sharing scripts, Twitter, Google Analtics, Ad networks etc. etc.) Having one connection for each of these is more efficient.

Header compression is also another efficient way of removing several of the overheads associated with having to retrieve several different resources from the same or multiple web servers. Once again, typically rather than having to perform multiple to and fro trips, one trip is typically enough.

Allows servers to push resources proactively: this is a way that the server, rather than waiting for the client browser to request the different resources as per our first example, it will proactively send them resources they will probably need. This is called HTTP/2 Server push.

Thanks to collectiveray for the info.

I did but now forums icon not showing
www.gsmlover.com

The forum icons need to be either an attachment or you need to change their URL to https

how to change url
can you guide me please

Your vb 4.x forum LOGO can be found here:

admin cp -> styles and templates -> style manager -> style variable editor -> GO

Search for TITLEIMAGE and click it. The path appears on the right, and it can be fixed there.

Mike

Add the following to your .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Right now it looks like you have a ton of 404 errors, for images.

https://www.webpagetest.org/result/1...all_view_step1

Something isn't configured right... If I go to a image from the results page, that image stays cached until I hit Shift +F5 in chrome (forces it to clear cache for a page & redownload everything as if it's never been there).

As far as I can tell this seems to be an apache issue, as I can view the images if I open them in either the webpagetest results page or if I view your source code and click that link. However, if I try to right click an image and open it in a new tab, it throws a 404 error.

I suggest you try some of these links for a potential fix.
https://www.google.com/search?ei=bCx....0.ChDRl6wSBBU

i did this but nothing happend

--------------- Added [DATE]1535044964[/DATE] at [TIME]1535044964[/TIME] ---------------

my 2 forums on the same server but the 2nd one is working fine with SSL but this forum creating problem
on the same server, apache can be the problem?

I can't say for sure but it looks like it. Check out this thread where someone had a kindof similar issue.
https://www.linuxquestions.org/quest...he-4175456462/

Let me ask you this... when you enabled SSL for your gsm forum.. what all did you do? Because if you have ssl enabled already, then all you should need to use what I mentioned in step 1...
plus put this in the headers.

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

with the htaccess code as a optional failsafe incase that doesn't catch it all.

sir i did every thing

--------------- Added [DATE]1535137346[/DATE] at [TIME]1535137346[/TIME] ---------------

I upgrade to latest version vb 4.2.5 but icons still not showing

Ok I guess I need to rephrase that... What else did you do that wasn't in the first post?

Because there is nothing in that first post that would stop images from showing on a site.. So to help everyone figure this thing out, we need more details.

Alright it looks like gsmlover's issue has been resolved, if anyone else has issues with images not loading, try messing with Hotlink Protection settings in Cpanel.

For users experiencing loading issues of ckeditor on vbulletin 4 with https enabled, here is a fix.

https://www.vbulletin.com/forum/foru...52#post4378752

So I recently finally got around to setting up my site for SSL. Everything went fine, but my post icons are still loading with the old http:// URL and not the new https:// URL.
I have checked to make sure that the icons in the Post Icon Manager show the proper URL. (I've tried both relative path and full URL) and the forum still points to the old http.

I've set up the redirect in .htaccess as well, but doesn't seem to work on the icons.

I've checked it on the default VB4 style, and I get the same issue, so I don't think it's a style problem.

I've tried deleting the Post Icon and replacing it, still didn't fix it. I've tried deleting the image itself and somehow it still shows up on my browser (And I cleared cache on the browser and VB so I'm completely at a loss).

I've seen other people have this issue though it seems like simple changes fixed it, so I'm not sure why mine is acting up (other than a network cache problem?)

Any help would be appreciated.

You need to find in codes to change it to https. I am sure it used a fixed link for your icon.

Like the actual PHP files? Is there a way to do that via the admin console?

--------------- Added [DATE]1559608846[/DATE] at [TIME]1559608846[/TIME] ---------------

I found it! In case anyone else is having this problem, they were listed in vBulletin Options-> Thread Display Options (showthread)

We recently switched our forums to SSL. It was a bit of an ordeal because I don't think our host fully knew what they were doing. I think one tech was able do what we wanted by changing all the http links to https, but then another tech did another restore from a backup and wiped out the changes.

I want to change all references of http://www.mysite.com to https://www.mysite.com within on entire vBulletin database.

I know this is the SQL query to change it just in the posts.

UPDATE post SET pagetext = REPLACE(pagetext, 'http://www.mysite.com', 'https://www.mysite.com');

What query would I run to search and replace the entire database? I will, of course, make a backup before running it and check to see the links have been successfully converted.

thanks alot for that great informitions