1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 htaccess non www and SSL?

Discussion in 'Troubleshooting and Problems' started by FredC, Aug 31, 2014.

  1. FredC

    FredC Well-Known Member

    How to force both non www and https?

    My forum is in a community folder and my htaccess looks like so... (forcing https)
    Code:
    #    Mod_security can interfere with uploading of content such as attachments. If you
    #    cannot attach files, remove the "#" from the lines below.
    #<IfModule mod_security.c>
    #    SecFilterEngine Off
    #    SecFilterScanPOST Off
    #</IfModule>
    
    ErrorDocument 401 default
    ErrorDocument 403 default
    ErrorDocument 404 default
    ErrorDocument 500 default
    
    <IfModule mod_rewrite.c>
        RewriteEngine On
    
        RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https://doberman-chat.com/community/$1 [R,L]
    
        #    If you are having problems with the rewrite rules, remove the "#" from the
        #    line that begins "RewriteBase" below. You will also have to change the path
        #    of the rewrite to reflect the path to your XenForo installation.
        #RewriteBase /xenforo
    
        #    This line may be needed to enable WebDAV editing with PHP as a CGI.
        #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    
        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
        RewriteRule ^.*$ index.php [NC,L]
    </IfModule>
    I also have a separate htaccess file in the root directory... (forcing non www)
    Code:
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
    So the question is how do i get these two rewrites to work together?
    ------------------------
    Edit: I also have a rewrite someplace forcing all traffic from my root domain to the community folder. IE: mysite.com redirects to mysite.com/community

    will i ever be able to get all these to play together?
     
    Last edited: Aug 31, 2014
    Tize likes this.
  2. FredC

    FredC Well-Known Member

    right now my boards a mess. I have www. and non wwws and http and https all running.. This is gonna get dicey when members start posting links and the cookies start freaking out..
     
    Tize likes this.
  3. FredC

    FredC Well-Known Member

    edit/edit... I also seem to have the ssl certificate configured wrong because the https:// doesn't appear green on the forum index page however it does on various thread pages.
    Capture_08302014_204020.jpg
    Capture_08302014_204850.jpg
     
    Last edited: Aug 31, 2014
    Tize likes this.
  4. Tracy Perry

    Tracy Perry Well-Known Member

    That means you have unsecured links/images on the main index page.
    What (and realize I haven't messed with Apache in ages) I think you have to do is rewrite your www to a non-www, then redirect that to the SSL site. You may be able to just do a catch all redirect of all inbound traffic to the SSL.

    Have you remembered to change your URL in the ACP?
    The unsecured content is (from looking at the source of the index page)
    http://doberman-chat.com/imagehost/pics/d8f68434e51e278ac8b5675e6b89dd20.gif (and several other links to dog photos)
    http://doberman-chat.com/community/login
     
    Tize and FredC like this.
  5. FredC

    FredC Well-Known Member

    Ahh yes i had forgot i had used to use my own image hosting software back in the vB days. Still cant really wrap my head around this SSL configuration stuff..

    hmm that doesnt sound good..
     
    Tize likes this.
  6. Tracy Perry

    Tracy Perry Well-Known Member

    Is your SSL a PostiveSSL or a RapidSSL?
    There are some steps you have to take (with nginx at least) to concatenate them.
     
    Tize and FredC like this.
  7. FredC

    FredC Well-Known Member

    Positive SSL
     
    Tize likes this.
  8. Tracy Perry

    Tracy Perry Well-Known Member

    Tize and FredC like this.
  9. FredC

    FredC Well-Known Member

    i used Cpanel.. let me go give that link a read real quick.. Dang i didnt think it was going to be this complicated.. :( At any rate ill read their instructions and give this another shot and report back with the results..
     
    Tize likes this.
  10. Tracy Perry

    Tracy Perry Well-Known Member

  11. FredC

    FredC Well-Known Member

    I'm kinda stuck here i guess???
     
  12. FredC

    FredC Well-Known Member

    Ugh Im getting to old for this crap... Every browsers is throwing a warning page telling my guests to run away as fast as they can.. this is BS... I thought this certificate installation thing was supposed to be easy?
    Possibly related the the CA Bundle (optional) field that was left empty?
     
    Last edited: Aug 31, 2014
  13. FredC

    FredC Well-Known Member

    try again tomorrow i suppose.. i better get some rest before i break something important like a laptop... I suppose i can just revert my .htaccess file for the time being..
     
  14. Tracy Perry

    Tracy Perry Well-Known Member

    Part of the problem is this.
    Notice that it is showing for your certificate to be issued to server2.doberman-chat.com and in mine it's showing servinglinux.com (which is my actual domain name that answers for the HTTP call). It almost looks like you are using a private SSL certificate created on the server itself.

    Screen Shot 2014-08-31 at 12.00.03 AM.png

    and it should look similar to this

    Screen Shot 2014-08-31 at 12.01.35 AM.png
     
    Last edited: Aug 31, 2014
    Tize and FredC like this.
  15. FredC

    FredC Well-Known Member

    Hmm i dont have any idea where the heck that certificate came from possibly an auto generated self signed cert? my third party SSL Cert expires Aug/30/2019
    Possibly because i deleted the third party certificate last night to start fresh today..
     
  16. FredC

    FredC Well-Known Member

    I hate anything that i have to work on inside the server.. it sucks i dont know crap about them and now my notebook is broke again.. I really have to learn to quit working on stuff that aggravates my anger issues..
     
  17. FredC

    FredC Well-Known Member

    Google can kiss my ass. What a load of nonsense.. now i just have to figure out how to delete all that crap from my server
     
  18. Tracy Perry

    Tracy Perry Well-Known Member

    Are you on an actual VPS or server or shared hosting? It should be a simple matter of placing the certs on the server and then installing them via cPanel (just from a rough look).
     
  19. FredC

    FredC Well-Known Member

    i have my own dedicated server.. And yeah it supposed to be simple and i really don't know what im doing wrong.. But i just dont see the advantages of a headache like this just to appease the Google Gods.. I think we will pass on SSL ill just pay my client the 25 back they payed for the cert and explain the pros and cons i believe they will agree this is pretty stupid for a forum that doesn't process its own transactions the Google advantages are simply not worth the added headaches.

    @Tracy Perry i would like to thank you for taking time out to try to work through this with me. however my technical skills relating to anything Server are almost ZERO!!! and i just don't have the patience for this kind of stuff anymore..
     
  20. Tracy Perry

    Tracy Perry Well-Known Member

    Looks pretty simple (this is for a digicert certificate but they should all be similar)
    1. Download the Intermediate and Primary Certificate to where you keep your certificates and key files on the server
    2. Login to your cPanel control panel
    3. Find and click on SSL/TLS Manager
    4. Click on Generate, view, upload, or delete SSL certificates
    5. Under the Upload a New Certificate section, click on the Browse button and find your Primary Certificate (yourdomain.crt) that you downloaded in the first step. Or if you have copied the contents of your primary certificate from the email, paste it in the box labeled: "Paste the crt below". To access the text version of your certificate, open it with a text editor. When copying and pasting your certificate, include the BEGIN and END tags.
    6. Click the Upload button
    7. Click Go Back and click Return to SSL Manager at the bottom of the page
    8. Click on Setup a SSL certificate to work with your site. If this option is not available, your web host may have disabled it. You will need to contact them about how to install the Intermediate certificate
    9. Select the domain you are using from the Domain drop down menu. The system will attempt to "Fetch" the SSL Certificate and private key for you. If this doesn't work, you may need to contact your web host
    10. In the box labeled Ca Bundle paste the contents of the Intermediate certificate Click Install Certificate. Your SSL certificate should now be installed, and the website configured to accept secure connections. You or your web host may need to restart Apache before it will work
     
    Tize likes this.

Share This Page