1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL

Discussion in 'Server Configuration and Hosting' started by Slind, Aug 14, 2013.

  1. Slind

    Slind Active Member

  2. Jeremy

    Jeremy XenForo Moderator Staff Member

    Is your server set up to support SSL? I can't even get your forum to load.
     
  3. Slind

    Slind Active Member

    yeah changed the dns today, maybe it takes a while

    MineYourMind Community - Google Chrome_2013-08-14_21-49-33.jpg 404 Not Found - Google Chrome_2013-08-14_21-50-01.jpg Applications  Admin CP - MineYourMind Community - Google Chrome_2013-08-14_21-50-12.jpg
     
  4. Jeremy

    Jeremy XenForo Moderator Staff Member

    Do you have a proper .htaccess file? It looks as if you don't have it set up on your server to allow friendly URLs to function.
     
  5. Slind

    Slind Active Member

    Code:
     RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
    
    #    Mod_security can interfere with uploading of content such as attachments. If you
    #    cannot attach files, remove the "#" from the lines below.
    #<IfModule mod_security.c>
    #    SecFilterEngine Off
    #    SecFilterScanPOST Off
    #</IfModule>
    
    ErrorDocument 401 default
    ErrorDocument 403 default
    ErrorDocument 404 default
    ErrorDocument 500 default
    
    <IfModule mod_rewrite.c>
        RewriteEngine On
    
        #    If you are having problems with the rewrite rules, remove the "#" from the
        #    line that begins "RewriteBase" below. You will also have to change the path
        #    of the rewrite to reflect the path to your XenForo installation.
        #RewriteBase /xenforo
    
        #    This line may be needed to enable WebDAV editing with PHP as a CGI.
        #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    
        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
        RewriteRule ^.*$ index.php [NC,L]
    </IfModule>
    
     
  6. Slind

    Slind Active Member

    got it. forgot to change _default_ to *
    fuu preset
     
  7. Floren

    Floren Well-Known Member

    Your SSL setup is not proper:
    https://mineyourmind.de/forum/
    https://www.mineyourmind.de/forum/ !!

    SSL Labs:
    https://www.ssllabs.com/ssltest/analyze.html?d=https://mineyourmind.de/forum/&hideResults=on
    https://www.ssllabs.com/ssltest/analyze.html?d=mineyourmind.de&s=94.249.198.99&hideResults=on
    You're vulnerable to BEAST attacks and have no support for TLS 1.2.

    Proper setup:
    https://www.ssllabs.com/ssltest/analyze.html?d=www.google.com&s=74.125.227.148&hideResults=on
    https://www.ssllabs.com/ssltest/analyze.html?d=https://www.axivo.com/community/&hideResults=on
    Note: Chain anchor is NOT an issue, according to RFC5246:
    "Because certificate validation requires that root keys be distributed independently, the self-signed certificate that specifies the root certificate authority MAY be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case."
     
    Last edited: Aug 15, 2013
  8. Slind

    Slind Active Member

    wow thanks. Is this a problem from the apache2 setup or from the certificate ?
     
  9. Floren

    Floren Well-Known Member

    Both.
     
  10. Slind

    Slind Active Member

    could u give me some more information, i dont realy know how to work with this
     

Share This Page