There are two page trees in my TYPO3 and I link between them. Both websites use an SSL/TLS encryption for the frontend delivery and thus should only generate relative links (if on the same domain) or link to my second domain (which it does, but only using http and not https).
Now the reason for this seems clear: I've never told TYPO3 to only generate https links. The question is: how would I do that in the first place?
I've come accross the possibility to work with config.absRelPrefix but this doesn't work when linking across domains.
use
config.typolinkCheckRootline = 1
this way typolinks check if the target page belongs to the current domain.
https://docs.typo3.org/typo3cms/TyposcriptReference/Setup/Config/Index.html#typolinkcheckrootline
Apparently, config.typolinkCheckRootline = 1 as well as any combination of config.absRelPrefix and config.baseUrl won't help it, if TYPO3 get's the wrong HTTP host and only get's the host via HTTP_X_FORWARDED_HOST env var.
Related
I have a site being hosted on heroku so I can go to myapp.herokuapp.com/ and my SPA loads. I got a domain and used cloudflare with a CName record to alais mydomain.com to myapp.herokuapp.com. Great the sites load. Within my SPA i load some images. If my app loads directly from heroku *myapp.herokuapp.com/images/filex.png" it works fine but if I call (or type in the address bar) myDomain.com/images/files.png" I just get my site back like i types mydomain.com
Is this an issue with cloudflare? Do i need additional routing rules?
or is this an issue with my express server that is serving the app and images? does the redirected
request look different and do I need to add code to handle the redirect?
I'm not sure why the redirect is happening without more information. My best guess is that you need to follow these instructions from Heroku. Without this, Heroku servers will have no idea what to do with a request that has a host header of mydomain.com, and will perform in some unexpected way. Heroku needs some way on its side to know that all mydomain.com requests should be handled identically to myapp.herokuapp.com requests.
If this configuration is already in place, your underlying code needs to handle myapp.herokuapp.com and mydomain.com, but I believe by default express will not care about hostname.
Seems to have been an issue with heroku. It’s working fine on aws.
I have my DNS settings as shown in the image
DNS Setting along with an additional CNAME with host www and value as my GitHub page. Next I setup a CNAME entry in my GitHub page with an apex entry to my domain. The issue I face is that whenever I visit my domain with an https protocol, it shows a warning that the connection is not secure. I get the following in Chrome:
NET::ERR_CERT_COMMON_NAME_INVALID
How do I fix this? I have both https and http access for my domain.
UPDATE: Github introduced custom domain support for HTTPS on May 1, 2018.
If you are using GoDaddy and want to upgrade to HTTPS, do the following:
Go to DNS settings for your site in your GoDaddy account.
Remove all existing A records.
Open a terminal and do dig +noall +answer <YOUR-USERNAME>.github.io. You should see a table listing 4 slightly different IP addresses:
On GoDaddy, create 4 new A records, each one pointing to one of the IPs. For host use # and set the TTL to a low user-defined value (if you are in a hurry).
Go to your page repository settings on Github, and clear the custom domain name and save. Wait a while (minutes).
When executing dig +noall +answer <YOUR-CUSTOM-DOMAIN> yields the 4 IP addresses that you entered in the A records, go back to the Github repository settings and re-enter and save your custom domain name (which you just cleared) in the custom domain cell.
Optionally, check the box Enforce HTTPS. But make sure that https://<YOUR-DOMAIN>is responsive first.
Make sure you have a CNAME record in your DNS settings also. Host should be www and it should point to your <YOUR-USERNAME>.github.io.
Make sure there is a file in your website repository named CNAME containing the name of your custom domain (in my case ulfaslak.com).
Reference
EDIT: Please see answer below by Arturo Herrero: https://stackoverflow.com/a/50203412/462015
GitHub pages does not support HTTPS for custom domains.
The only work around for doing so is to use an SSL provider as the middle man, such as Cloudflare. However, this would involve pointing your DNS name servers at Cloudflare's, which takes some time and complicates things.
If you want HTTPS support using GitHub pages you'll have to use GitHub's provided URL instead of your custom domain.
Another great option for static sites if you want custom domain name HTTPS is Amazon Web Services. You could set up an S3 bucket for your static website, configure CloudFront to distribute the static content, point your domain name at the CloudFront distribution, and use a free SSL certificate from Amazon's cert manager. This option comes out to less than $1/Month with a low-traffic website. A great in depth tutorial for that would be here.
I hope this answered your question! GitHub pages is a great hosting option, and it's not the end of the world if you decide to forget about HTTPS.
Custom domains on GitHub Pages gain support for HTTPS since May 01, 2018
https://blog.github.com/2018-05-01-github-pages-custom-domains-https/
I have a setup in Laravel whereby I have different sections of the site powered by one codebase. A section is defined by the first slug of the uri:
localhost.dev/section1/feature
localhost.dev/section2/another/feature
However, I also have a domain alias/proxy for these so that each section can have its own independent branding and SEO without splitting up the codebase.
section1.dev/feature (alias of localhost.dev/section1/feature)
section2.dev/another/feature (alias of localhost.dev/section2/another/feature)
However, Symfony's HTTPFoundation appears to be too smart to be fooled by this proxy, and whenever you use URL::full() or URL::current(), the domain remains localhost.dev despite your browser telling you that you're on section1.dev or section2.dev
Is there a way to configure .htaccess differently, or is there a way to make Laravel's URL::full() or URL::current() mirror what's in your address bar?
First: a domain alias is not a proxy.
Second: the app.url config option gets used by the application to generate URLs. Try making it an empty string.
I have been searching the internet for two days and I am stuck. I understand that I can purchase an SSL certificate to make my site work for HTTPS so that it is more secure and all that jazz.
My question is do I have to do anything special on the HTML/PHP pages I create for this site, like some PHP call to open a session, or does the fact that there is an SSL Cert on the server mean I don't have to change anything on the HTML pages?
Sorry if this is a dumb question, but I can't find the answer anywhere.
Its primary the setup of the server, e.g. that you have to make the site accessible by SSL (port etc) and configure the certificates.
But maybe you need to make adjustments to your HTML etc too, so that all resources (images, script, css..) will be loaded by SSL too, e.g. all these includes should be either be done with site-relative links or with explicite https:// links. In case the site gets served with both https and http you might also use protocol-relative links, e.g. //www.example.com/index.html will be served with http if the current protocol is http and with https if you currently use https.
I have a pure CherryPy server which has been running for a few years already. I decided recently to add SSL support. In this case it was enough to provide the certificate and key files and to assign correct values to the variables cherrypy.server.ssl_certificate and cherrypy.server.ssl_private_key.
I would like to give a warning about this change whenever somebody tries to access a page using "http://..." instead of "https://...". Is there a simple way of achieving this without many changes in my system? Another option would be to redirect the HTTP access to HTTPS—can that be done easily?
I would create a custom handler to achieve what you're after. This automatically redirects to HTTPS.
class Functions():
def check_ssl(self=None):
# check if url is in https and redirect if http
if cherrypy.request.scheme == "http":
cherrypy.HTTPRedirect(Referer.replace("http:", "https:"))
cherrypy.tools.Functions = cherrypy.Tool('before_handler', check_ssl)