XF 1.4 How to move to https?

[ibrian]

I'm just looking to clarify the move from http to https, as there's a couple of points of information spread about different threads.

So far as I understand it, the process runs as follows:

1. Buy/apply SSL for the domain
2. Add the following line inside the PHP brackets in config.php:

$_SERVER['HTTPS'] = 'on';

3. Add the following to the top of the .htaccess file:

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

4. In Admin > Options, ensure the board URL is set to https and not http

Is that everything, or have I missed a step? Would just like to clarify this is the way to do it before proceeding, as there doesn't appear to be a tutorial on it - but hopefully this thread can help provide the basics in a single place.

 

[Mike]

I wouldn't recommend #2 unless you know why you're applying it. It should normally be handled by the server automatically. #3 is really just if you want to force all connections to HTTPS. It's beneficial, but I wouldn't do it until you have everything in place and have confirmed everything works.

So really, the base line would be #1 and check it all works, then you can do #3 and #4. If you have to do #2, you would do #2-4 at the same time (since #2 will break non-HTTPS pages).

 

[ibrian]

And that appears to have worked fine. Scary, but painless.