force HTTPS and WWW

To force HTTPS, please let me know if your forum is installed in the web root or in a directory.
 
I'm not sure what I'm doing wrong, but this doesn't seem to be working for me.

I'm sure I made a wreck of it, but here is my .htaccess file.

****

# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<IfModule mod_rewrite.c>
RewriteEngine On

# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.




RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]

#RewriteCond %{HTTPS} off
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] </IfModule>
 
Apache config: 
#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default

<IfModule mod_rewrite.c>
    RewriteEngine On

    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to workaround HTTP Basic auth issues when using PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>
 
Emre said:
Apache config: 
#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default

<IfModule mod_rewrite.c>
    RewriteEngine On

    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to workaround HTTP Basic auth issues when using PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>
Click to expand...
Thanks,
I just implemented your file, and it still doesn't default to https when I use my phone. Not sure why...
I'm using the htaccess file from the xenforo directory. Is there another one I'm supposed to be updating?
 
Site url: ... -> ..... use!
If it does not say 'on', then it can be set by adding this to the end of the library/config.php file:
PHP: 
$_SERVER['HTTPS'] = 'on';

More;
xenforo.com

XenForo, always use SSL?

Ok, so I'm trying to get an SSL to work on my forum (www.GamingSection.net) and I want the forum and all of its content to always load in https:// How can this be done well also always having the www. infront of it. I looked in the XenForo backend, there is no where to check off saying to use...
xenforo.com xenforo.com

Good work!
 
  • Like
Reactions: PWM
Emre said:
Site url: ... -> ..... use!
If it does not say 'on', then it can be set by adding this to the end of the library/config.php file:
PHP: 
$_SERVER['HTTPS'] = 'on';

More;
xenforo.com

XenForo, always use SSL?

Ok, so I'm trying to get an SSL to work on my forum (www.GamingSection.net) and I want the forum and all of its content to always load in https:// How can this be done well also always having the www. infront of it. I looked in the XenForo backend, there is no where to check off saying to use...
xenforo.com xenforo.com

Good work!
Click to expand...
Thanks, but it still doesn't work. I'm using the .htaccess file you posted earler and
PHP: 
$_SERVER['HTTPS'] = 'on';
is in the src/config.php file

BTW, I don't have a library/config.php file. Mine is src/config.php

The site is running https without any issues, unless somebody has a bookmark with http, then they get cookie errors. I'm at a loss why they are not getting redirected to https....
 
StoveBolts said:
I'm not sure what I'm doing wrong, but this doesn't seem to be working for me.

I'm sure I made a wreck of it, but here is my .htaccess file.

****

# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<IfModule mod_rewrite.c>
RewriteEngine On

# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.




RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]

#RewriteCond %{HTTPS} off
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] </IfModule>
Click to expand...
Is there supposed to be an exclamation point in this line?

RewriteCond %{HTTPS} !on
 
I am having the same issue, trying all these things and still it will not redirect. My forum is running on an Apache server owned by a hosting company. When I inspect the server settings with phpinfo I do not see _SERVER["HTTPS"] despite adding $_SERVER['HTTPS']='on' in /src/config.php (I think the doc that says config.php is in /library is either a mistake or valid for XF 1. I'm running the latest XF 2.1.
 
PaulaG said:
I am having the same issue, trying all these things and still it will not redirect. My forum is running on an Apache server owned by a hosting company. When I inspect the server settings with phpinfo I do not see _SERVER["HTTPS"] despite adding $_SERVER['HTTPS']='on' in /src/config.php (I think the doc that says config.php is in /library is either a mistake or valid for XF 1. I'm running the latest XF 2.1.
Click to expand...
Do you use cloudflare?
 
I bookmarked this a while back when I moved my site and board to HTTPS. Brogan did a great job with it. Maybe it will be helpful for you?

xenforo.com

How To Implement SSL To Secure HTTP Traffic (HTTPS)

This guide should hopefully explain all of the steps required to switch an XF installation from using HTTP to HTTPS. So for example, instead of the site URL being http://xenforo.com/community/ it will be https://xenforo.com/community/. What is...
xenforo.com xenforo.com
 
Hi I'm having the same problem. I have another forum with HTTPS perfectly running and yet this new 2.1 Xenforo installation is not working the same way.My board URL is set to HTTPS, canonical URLs are checked, I don't have custom URLs for anything in the TOS/registration, I have the rewrite in my .htaccess file, and I can access my site via HTTPS but it will not FORCE the https...

When I put the following code in my config.php file, the browser cannot find even the HTTP site:
$_SERVER['HTTPS'] = 'on';

I have done everything exactly like the other forum installation, which is Xenforo 2 -with 2.1 something is wrong.
 
You must log in or register to reply here.

Similar threads

Damien Alexander
Guest Viewing and force membership
Replies
0
Views
54
Damien Alexander
Damien Alexander
Krysteo
  • Question Question
XF 1.1 https and embedded videos
Replies
0
Views
337
Krysteo
Krysteo
D
  • Question Question
XF 2.2 Force Hamburger/Button navigation and search bar
Replies
3
Views
863
Deleted member 241496
D
Frode789
Help needed - Caching and speed improvements
Replies
5
Views
1K
Kirby
K
B
  • Question Question
XF 2.1 Redirection to new domain https and upgraded from vbulletin
Replies
8
Views
1K
buttyoldskool
B
Top Bottom