XF 1.5 Redirect Issue http > https:

Chad

Chad

Active member
Trying to do a global redirect for the site from http:// to https:. Already set this in XF admin area board URL and homepage url: https://www.talkjesus.com

I can still access http://www directly in guest/visitor mode and it doesn't redirect to https://www protocol. Plus, you'll notice the Chinese icon font on top right.

.htaccess

Code: 
RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\.talkjesus\.com$
RewriteRule ^(.*)$ http://www.talkjesus.com/$1 [R=301,L]

RewriteCond %{HTTP_HOST} !^www\.talkjesus\.com$
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^[^/]+/([0-9]+)-[^\.]+\.html$ /index.php?threads/$1/ [R=301,L]


# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>

## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 1 month"
</IfModule>
## EXPIRES CACHING ##

Header unset Pragma
FileETag None
Header unset ETag

<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>

<IfModule mod_deflate.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml

# Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
RewriteEngine On

# If you are having problems with the rewrite rules, remove the "#" from the
# line that begins "RewriteBase" below. You will also have to change the path
# of the rewrite to reflect the path to your XenForo installation.
#RewriteBase /

# This line may be needed to enable WebDAV editing with PHP as a CGI.
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^.*$ - [NC,L]

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^.*$ index.php [NC,L]
</IfModule>

<Files 403.shtml>
order allow,deny
allow from all
</Files>
 
Sort by date Sort by votes
itshqip said:
Edit: Anyway i find a solution by creating a new Page Rule, at Cloudflare.
Click to expand...
With this comment, it actually makes me wonder if you both have the same problem. Are either of you (@Chad) actually using SSL on your host, or are you just using flexible SSL from CloudFlare?

If you're not actually using SSL between CloudFlare and your host, you're going to need to take a different approach. However, I really would recommend using SSL there as well if possible.
 
Upvote 0 Downvote
Mike said:
With this comment, it actually makes me wonder if you both have the same problem. Are either of you (@Chad) actually using SSL on your host, or are you just using flexible SSL from CloudFlare?

If you're not actually using SSL between CloudFlare and your host, you're going to need to take a different approach. However, I really would recommend using SSL there as well if possible.
Click to expand...

I have exactly the same problem like @Chad.

I don't use flexibile SSL from CloudFlare, iam using SSL from Comodo, but at CloudFlare i created new Page Rule http://*domain.com/* only to redirect users from http to https, because like @Chad described, the method with .httacess for redirection from http to https is not working, and give me an a redirection loop. If you have any answer how to solve this problem with .htaccess i will be so happy.

9d1c9ddba6bf4ccc8d2ada71d1d552fd.png
 
Last edited:
Upvote 0 Downvote
I've never seen Apache not send through the HTTPS variable. This is the "official" recommendation of the approach: https://wiki.apache.org/httpd/RewriteHTTPToHTTPS If that isn't working, then I'd have to recommend falling back to doing it in CloudFlare.

(XenForo isn't actually involved in this redirection at all, so if Apache isn't acting as expected, then I'm not sure what would cause it.)
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Adam Bloch
  • Question Question
XF 2.2 Lots of redirects
Replies
0
Views
756
Adam Bloch
Adam Bloch
Rhody
  • Question Question
XF 2.2 Post VB 4.x -> XF 2.2 conversion redirect issue
Replies
6
Views
724
Rhody
Rhody
JohnLogar
http request redirect to https
Replies
0
Views
1K
JohnLogar
JohnLogar
Chad
  • Question Question
XF 2.1 Improve PageSpeed / GTmetrix Scores
Replies
19
Views
3K
Anatoliy
Anatoliy
fahad ashraf
XF 2.1 Word press Redirect to install/index.php after upgrade
Replies
12
Views
1K
djbaxter
djbaxter
Top Bottom