vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   How correct redirect access that are causing Let's Encrypt to not secure my forum? (https://vborg.vbsupport.ru/showthread.php?t=324352)

hugoroger 02-02-2017 07:26 PM
How correct redirect access that are causing Let's Encrypt to not secure my forum?
 
Hi everyone!

I have successfully installed Let's Encrypt SSL certificates on my server after going though some issues.

You can view my issues being treated by their awesome team in there official site:https://community.letsencrypt.org/t/...or-alias/26136

Problem is that my website, which is a vBulletin Forum due to some issue is not applying the security to it!

Here is what I was told:
The "problem" here is that you have a redirect/rewrite rule redirecting https to http, pay attention to below output from your server, you will see a Location header redirecting





https://www.iforumelite.com to http://www.iforumelite.com/forum.php...f927f5d848aa88
He mentioned:
Note: The redirect/rewrite rule could be in your apache conf, on .htaccess files used by your site or even the forum that you are using could be redirecting it.





I checked all of it and found nothing. Here is my .htaccess file for the site in question:


Code:
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.iforumelite.com/$1 [R=301,L]

# If you are having problems or are using VirtualDocumentRoot, uncomment this line and set it to your vBulletin directory.
# RewriteBase /forum/

# If you are having problems with the rewrite from content/ to content.php, uncomment this line to turn MultiViews off.
# Options -MultiViews

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d

RewriteRule ^.*$ - [NC,L]

# Forum
RewriteRule ^threads/.* showthread.php [QSA]
RewriteRule ^forums/.* forumdisplay.php [QSA]
RewriteRule ^members/.* member.php [QSA]
RewriteRule ^blogs/.* blog.php [QSA]
RewriteRule ^entries/.* entry.php [QSA]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d

RewriteRule ^.*$ - [NC,L]

# MVC
RewriteRule ^(?:(.*?)(?:/|$))(.*|$)$ $1.php?r=$2 [QSA]

# Check MVC result
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.*)$ - [NC,L]
RewriteRule ^(.*)$ - [R=404,L]

# Set PHP handler to application/x-httpd-php on Fri Nov 13 19:59:33 MST 2015.
#AddHandler application/x-httpd-php .php
The same thing is happening to https://www.clashforum.com.br

If I simply type it out in the browser www.iforumelite.com it will land in a none-secure page. This is so frustrating.


I have the rewrite on my .htaccess file:

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.iforumelite.com/$1 [R=301,L]

I configured the site name and configuration.

Some pages still appear as HTTPS secure while other partially:

Example:

https://www.iforumelite.com/content....e-contratacoes

Loads with https but shows not secure

Shows fine with https like most:

https://www.iforumelite.com/forum.php

but then: https://www.iforumelite.com/content.php is not secure.. Any help!

I've read everywhere... And Ive read this too:
https://www.vbulletin.com/forum/arti...forum-to-https
But it does not work fix anything.. i already did all steps in there as you can all see.. I don't know what other details to include in order to get help.

Kane@airrifle 02-03-2017 07:28 AM
Make a copy of your htaccess file for safety and try the following rewrite

Code:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Stratis 02-03-2017 10:21 AM
Quote:
Originally Posted by Kane@airrifle (Post 2581741)
Make a copy of your htaccess file for safety and try the following rewrite

Code:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Two different technical team of server, give me this
RewriteCond %{HTTPS} off


What is the correct? off or on ? as you give.


RewriteCond %{HTTPS} !=on


or it does not matter?

EDIT: !on is the same with off (!)


All times are GMT. The time now is 08:56 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01108 seconds
  • Memory Usage 1,725KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_code_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete