From HTTPS to HTTP - Disabling SSL


Well-known member
I changed the listen parameter to 80 and I added this extra block for the nginx configuration:
# HTTPS server
server {
  listen  443 ssl;
  return 301$request_uri;

  ssl  on;
  ssl_certificate  /etc/ssl/example.crt;
  ssl_certificate_key  /etc/ssl/private/example.key;
  ssl_session_timeout  5m;
  ssl_session_cache  shared:SSL:1m;
  ssl_ciphers  HIGH:!aNULL:!MD5:!RC4;
  ssl_prefer_server_ciphers  on;
Then restart the nginx server.


Well-known member
Yes, and as @Mouth has indicated, if you are using STS, make sure you set that to 0 a few days prior to the switch back. I had issues with Cloudflare caching that value, and not being able to get around it.

I personally removed SSL due to the hit in my adsense revenue.

Tracy Perry

Well-known member
I personally removed SSL due to the hit in my adsense revenue.
I guess that would be important if one actually had revenue coming in on it. :D

That's the biggest issue I have heard with it, but last I read, I thought they were pushing more ad content via SSL now?


Well-known member
No Need.
For Nginx:
But if a user/visitor hasn't come to your site since the previous max-age and you drop https, then their browser will fail to connect to http and that user will either have to research how to remove the site STS restriction from their browser or wait until the timeout before they can connect to your site again.


Well-known member


Well-known member
I would suggest more, at least as long as the STS timeout is for.
A lot of people set this to 365 days :-s

I only really had an issue with Cloudflare and this value. They kept forcing people to https, and as soon as I moved DNS away from them, everything worked as expected on http


Well-known member
A lot of people set this to 365 days :-s
Yes, so if you have HTTPS active with STS of 365 days and then decided to remove HTTPS and just have HTTP, then you should ensure that you keep HTTPS active, with an STS max-age of zero, and redirecting to HTTP for up to 365 days. Otherwise, if you stop HTTPS after, say, 30 days then any browser/user that last visted your site 30+ days ago will not have picked-up the new STS setting and will refuse to connect to your HTTP site.
They'll have to know how to go into their browser advanced settings and remove the STS to enable them to connect to your HTTP site, or wait up to 11 months until they can connect!


Well-known member
It is always a pain to switch from HTTPS to HTTP. We also had to do it because of Adsense and other ad network problems.

Time is not ready for full SSL with ad monetized forums, think twice if you plan to switch!

Beside of having the proper redirect HTTPS > HTTP in place for a very long time (even forever if there are external links to your forum you care about) you also have to renew the SSL certificate each year even if you no longer use HTTPS, because the redirects will not work if the cert is invalid.
There are more ads available for regular http connections and https slows down the site a little.


@Mike @Chris D

I talked to my host about disabling ssl and they said that it is done vie my software (xenforo), how can I do this?

I currently have CPanel redirecting to an https page which is my main forum page.


XenForo moderator
Staff member
XF doesn't control whether your site is loaded over HTTPS or not.

The only thing you have to do in XF if switching back to HTTP is to update the Board URL.

You will also need to remove any rules you added to the .htaccess file when you implemented HTTPS.


Well-known member
There are more ads available for regular http connections and https slows down the site a little.

Very true with the ads. The additional load time is negligible on any decent server these days. You're talking on the magnitude of a few milliseconds at most.