Made the move to HTTPS: a few questions ensuring correct implimentation

Live Free

Active member
I made the move to HTTPS a few days ago after doing a lot of research online and following Brogan's HTTPS conversion guide.

I do have a few remaining questions I hope someone would shed some light on.

1. A few default Xenforo templates reference a few external http:// links. I don't think they're sending mixed content warnings, but should I update all these files/disable servers without https, or only my custom templates? I'm referring to thinks like account_avatar_overlay which references gravatar.com and breadcrumbs which references data-vocabular.com/breadcrumbs. There are some others.

2. Do I need to batch upgrade default phrases that might reference http://? Is there a way to batch update phrases?

3. On my FAQ page (using Iversia's FAQ Manager) I have many pages that referenced the http:// version of my website. There is no mixed content warning. However, if I edit a question and examine the link used, they all use the http:// version of the site. My question is: why don't I get a mixed content warning in this situation?

4. What What exactly is Strict Transport Security? It tells external sites to force https, correct? What are the benefits and downsides? Google seemed to recommend an slow, eventual implementation of STS, saying STS can affect search rankings.

4. Are there any benefits or disadvantages over cpanel's free Let's Encrypt and Comodo certificate options?

5. I enabled cPanel's auto SSL. This updated my .htaccess file without me knowing. I've reordered and reviewed things, but would someone mind taking a look? As is I have two rules, one that forces https and one that forces www. I read that having this both in one statement is beneficial. How does my .htaccess look? Anything missing?

Code:
#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>

RewriteEngine On
# Enforce https SSL/TLS
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

<IfModule mod_rewrite.c>
    RewriteEngine On

# Enforce www. on the domain
        RewriteCond %{HTTP_HOST} !^www.writingforums\.org$ [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
        RewriteRule ^(.*)$ https://www.writingforums.org/$1 [R=301,L,QSA]

    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to enable WebDAV editing with PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
    RewriteRule ^.*$ - [NC,L]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>

################################################################################
# START: MOD_EXPIRES
################################################################################
# Turn MOD_EXPIRES On
ExpiresActive On

# Set Images to Expire After a Week
ExpiresByType image/jpg "access 1 week"
ExpiresByType image/jpeg "access 1 week"
ExpiresByType image/gif "access 1 week"
ExpiresByType image/png "access 1 week"
ExpiresByType image/x-icon "access 1 week"
ExpiresByType image/ico "access 1 week"

# Set CSS/JS to Expire After a Week
ExpiresByType text/css "access 1 week"
ExpiresByType application/javascript "access 1 week"
ExpiresByType text/javascript "access 1 week"
ExpiresByType application/x-javascript "access 1 week"

# Set Text/HTML/XML to Expire after a Day
ExpiresByType text/xml "access 1 day"


# Set Flash to Expire After a Month
#ExpiresByType application/x-shockwave-flash "access plus 1 month"

# Set XML to Expire After a Week
ExpiresByType text/xml "access plus 1 week"

################################################################################
# END: MOD_EXPIRES
################################################################################

################################################################################
# START: MOD_DEFLATE
################################################################################

<IfModule mod_deflate.c>
<FilesMatch "\.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|html|php|xml|txt|js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
    AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css
    AddOutputFilterByType DEFLATE application/javascript application/x-javascript
    AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/xml application/xhtml+xml
</IfModule>

#This enables gzip compression.
<IfModule mod_deflate.c>
  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/xml

</IfModule>
################################################################################
# END: MOD_DEFLATE
################################################################################
Thanks guys.
 
Top