How To Implement SSL To Secure HTTP Traffic (HTTPS)

How To Implement SSL To Secure HTTP Traffic (HTTPS)

A new installation of XF2 requires very little to set it up for HTTPS.

Assuming the server already has a certificate installed (see Installing a certificate if not), all that is required is the following:

Board URL
That is set in the ACP -> Options -> Basic options: Board URL.
Ensure it is set to https, e.g.

Checking the Enable board URL canonicalization option below that should avoid the need to add any specific rewrite rules to the .htaccess file.

Image Proxy
If embedding images from remote servers in posts is permitted, then the image proxy option must be enabled.
If it is not, mixed content warnings will be produced when loading a page with an embedded image from a URL which is not HTTPS.
It can be enabled in the ACP -> Options -> Messages -> Image and link proxy: Proxy images.
Further information regarding the feature is available here: XF 1.3 - EXIF Rotation, ACP Searching, Proxying and Change Logging

Note that there is no specific need to enable the link proxy, as far as HTTPS is concerned, as links are not embedded content in the same way images are.