My site is multi-domain site using oa_domains module (in openatrium). All web is under SSL no exception.
Without SSL it works very well (multi-domain or single domain). Configured as https://www.drupal.org/node/2265627 (#4)
To be under SSL, With one domain setting, besides modification in .htaccess (redirect http -> https), I also add base_url to be https ://www.domain.com. This works well.
My problem is that Now I need to configure multi-domain using oa_domains module+SSL, I cannot use base_url anymore (for make SSL work), since the domains are different.
I was thinking to use if statement in settings.php. but some documents say that I should do with directories for different domains.
I then add sites/domain1.com and sites/domain2.com and copy the settings.php to both places but change them with different base_urls. However, it still does not work (errors, page not found, or cannot access the images of theme, plus lots of http:// in the script).
Can I use if statements in settings.php? how to know the current domain name?
Thanks.
I just put
$host = $_SERVER['HTTP_HOST'];
$base_url = 'http://'.$host;
for setting $base_url (settings.php) and
then create symbolic link that domain2.com -> domain1.com.
That's it!.
hosais
Related
This is a relatively recent behavioral change and appears to be related only to requests which include a "Upgrade-Insecure-Requests: 1" request header.
Apache has started rewriting such requests for sites which are HTTP-only to an HTTPS URL using the default site name instead of just adding the / at the end of the requested URL.
Example: URL submitted in browser: http://www.example.com/blah
Intended redirect: 301 to http://www.example.com/blah/
Instead redirects: 301 to https://default.site.configured/blah/
This happens whether it's a named virtual on the same address as the default server or a virtual using a separate address with separate Listen directives.
I understand all the arguments in favor of the idea that everything should always be encrypted and I don't want to get into a debate about that. This site doesn't consider the tradeoffs desirable at this time.
The default site does have SSL and is configured to redirect HTTP->HTTPS, but the www.foo.com site is not configured that way and does not wish to implement SSL at this time.
Is there any way to get Apache 2.4 to disregard that "Upgrade" header and simply rewrite the URL as desired rather than altering the domain name?
After banging on this some more, I finally found the source of my woes.
This happens when you have IP based virtual hosts and did not configure a name for them using the "ServerName" directive.
tl;dr: If you are having this problem, try adding a "ServerName www.example.com" directive within the VirtualHost definition for the site and that should resolve it.
Details:
It does not happen until you encounter a URL that requires a rewrite other than adding a trailing /. (i.e. if you get a request that doesn't contain the "Upgrade-Insecure-Requests: 1" header, it only gets the trailing / added, but if you get one with that header, it also tries to rewrite the protocol to https which triggers the full URL rewrite).
In my case, the default host name had an SSL configuration, so it didn't fall back to HTTP after the rewrite or reject the rewrite as invalid.
YMMV, I did not continue to do an exhaustive test of all permutations once I found the solution.
I am working on setting up SSL with Heroku and Namecheap.
On Heroku I currently have the domains:
Domain Name - DNS Target
www.app.domain.io - www.app.domain.io.herokudns.com
www.domain.io - www.domain.io.herokudns.com
On NameCheap I have:
Type - Host - Value
CNAME Record - app - www.app.domain.io.herokudns.com
CNAME Record - www- www.domain.io.herokudns.com
URL Redirect Record - # - https://www.domain.io
CNAME Record - www - https://www.domain.io
What works:
www.domain.io works fine and does not redirect to include https
domain.io just fails to reach a site
https://www.domain.io works great!
https://domain.io fails to reach a site.
http://www.app.domain.io/ fails to reach a site.
https://www.app.domain.io/ fails to reach a site.
http://app.domain.io/ reached the heroku nothing there yet page.
Ideally, all pages should always redirect to include https and www. Any idea what I'm doing wrong?
I fixed the problem. I added redirect records so that if the url was entered with or without www and with or without https it would be redirected to include https and www. This required 4 redirects for the domain.
In addition, the app.domain.io url had not content because I hadn't set something up there yet. I was planning on using the app.domain.io for a new heroku app later on.
Remember to wait long enough and try clearing your cache to see if the issue is resolved.
Edit
In my domain settings under Redirect Domain
Source Url Destination Url
domain.xyz https://www.domain.xyz/
www.domain.xyz https://www.domain.xyz/
The above ensures https is always used.
In my domain advanced DNS settings under Host Records
Type Host Value TTL
CNAME Record www <link from heroku> 30 min
URL Redirect Record # https://www.domain.xyz/ unmasked
URL Redirect Record www https://www.domain.xyz/ unmasked
This is what you need to do on namecheap to work with a heroku app. There is more to do on the heroku side of things.
In Heroku under app settings there is a Domains and certificates section.
You can add your domain there. This will create a DNS Target which is what you put in the <link from heroku> block from above. Heroku will also let you use LetsEncrypt and they will automatically refresh your SSL certificate.
Remember to wait awhile between changes. DNS changes can take up to 24 hours to apply.
For anyone using Heroku, Django, and namecheap that still has a similar problem (i.e. you have a working https website, but http is not automatically routed to https), you also have to set SECURE_SSL_REDIRECT = True in your settings.py file. Making this addition fixed the issue in my case.
This change, in addition to the URL configurations posted in #Programmingjoe's answer, should fix the issue.
I originally had 4 subdomains, and when each was created, they were assigned a subdirectory off my public_html
So
subdomain1 points at public_html/subdirectory1
subdomain2 points at public_html/subdirectory2
subdomain3 points at public_html/subdirectory3
Each had a Wordpress site installed in the appropriate subdirectory
I then purchased a global (wildcard) SSL certifcate, and installed it... so it was for *.mydomain
And then all I had to do is in each Wordpress install, change the site url and home url, in General settings, to be https: subdomain.mydomain instead of http:subdomain.mydomain
Everything worked fine, I had no other changes to make.
Since then, I have added new subdomians, subdomain 4 and subdomain5
Again, each was assigned a subdirectory off public_html
subdomain4 points at public_html/subdirectory4
subdomain5 points at public_html/subdirectory5
Wordpress installed on each.
Each worked OK when the site and home urls were http:
Changing to https: site becomes unobtainable! White screen all the time, no error messages.
I contacted the tech support of my hosting providers, and what we established was that an http: request was targetting the public_html/subdirectory4 (or 5) directory, but that an https: request was targetting public_html ! They said that I had to amend my public_html/.htaccess file to redirect the https requests, on a subdomain by subdomain basis, to the relevant subdirectory.
Apart from this having knock on effects in the code of my sites, some of which is common across all 5, I do not understand why this is necessary. It was not necessary for the original sites that were present when I installed the SSL certificate. There are no entries in either the .htaccess file in public_html or in the .htaccess files of each subdirectory that pertain to http or https access.
There must be something else somewhere that makes the original subdomains work, but not the new ones created SINCE the SSL certificate was installed.
And it is nothing at all to do with Wordpress because I created a new subdomain and subdirectory with nothing but an index.php file echoing "Hello world", and it works if requested through http, not if requested through https:
I need to know anything else that can be making the original subdomains work WITHOUT any alteration to the .htaccess files, and why the new subdomains, created after the SSL certificate was installed, behave differently. And then obviously how to make them behave as the original subdomains do.
Don't know why the Tech Support for my hosting company couldn't tell me this, it was so simple once I looked in the right place.
Logged into WHM, and there's an SSL/TLS tab. Looking under "Manage SSL Hosts", I could see the subdomains that were working correctly had an entry in the table there. Backing out, and going to "Install an SSL Certificate on a Domain", I was able to install the certificate to the new subdomains, and lo and behold, when I returned to "Manage SSL Hosts", the new subdomains were there too.
So, undid all the changes made to the new WP installs, and now working perfectly, in the same manner as the all the other subdomains.
Hope this saves somebody else half the time I wasted!
Currently we are using the default wirecloud template. But sinde we enabled SSL and redirect every request to the ssl port I would love to change the urls of static ressources to start with https to avoid mixed content warnings.
Is there a simple way to change the urls to always start wit hhttps instead of http?
That's done automatically, except if WireCloud is behind a proxy (so requests comes using HTTP instead of HTTPS). In those cases you can force WireCloud to use https links by adding this line into the settings.py file:
FORCE_PROTO = "https"
See this link for more info.
My website is www.survivorssupply.com. I want to use SSL for my entire site because when I use SSL on only certain portions, the SSL certificate says certain parts were not delivered securely, not everything is secure, etc.
When I go into the Joomla admin panel, I set the entire site to force SSL for everything. I then get an issue with an endless redirect loop (301 error). My site is running the latest version of Joomla 2.5 on Nginx.
Is there some kind of rewrite I can use or does anyone know any Joomla tricks?
You are probably missing an extra parameter in the 443-section of your Nginx configuration. Add "fastcgi_param HTTPS on;" to the fastcgi-section.
#alfasin, Nginx doesn't use files like httpd.conf or .htaccess
check your httpd.conf and .htaccess for 301 redirect rules regarding HTTPS
you receive the warning that parts of your site are not secured because you have embedded links which use HTTP instead of HTTPS - I would create a backup of teh site and start changing all the urls in the: template, articles, modules etc.