• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 Which SSL is good for me?

Jeffin

Well-known member
#1
I wanted to bring in https to my forum for two reasons, provide better secure communication and to improve google score for my links. I don't want to invest a lot into it. I just want to get something that is the cheapest available and practically beneficial for my members. I noticed there are many SSLs available, from DV which costs about $5/year to EV which can be quite expensive. Which one should I choose for a forum of my size. Would love some recommendations. Thanks so much.
 

Jeffin

Well-known member
#3
Hi @Sheratan, thank you very for the reply.

My website is not an organisation plus I don't have sub-domain so Comodo PositiveSSL is good enough for both a basic secure connection and Google's https requirement?

Also once I install the certificate, how do I redirect all the links through https? Is that easy to do? Thanks.
 
Last edited:

Sheratan

Well-known member
#4
My website is not an organisation plus I don't have sub-domain so Comodo PositiveSSL is good enough for both a basic secure connection and Google's https requirement?
That would be enough.

Also once I install the certificate, how do I redirect all the links through https? Is that easy to do? Thanks.
It's fairly easy.

> Just change your xenforo URL (admin.php?options/list/basicBoard)
> Put some http to https redirect in .htaccess
> check your themes for any hotlinking images (like using imgur for logo, etc)
> optional: you may change bbcode media site to support https, like change Youtube BBCode "site url" to https://www.youtube.com
 

Jeffin

Well-known member
#6
Hi, this is how my httaccess file looks like

Code:
RewriteOptions inherit
#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

# Redirecting non-www to www
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

<IfModule mod_rewrite.c>
    RewriteEngine On

    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to enable WebDAV editing with PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>
I have changed the board url via admin.php to https format.

How do I get my domain christianforumsite.com and www.christianforumsite.com to redirect to https://www.christianforumsite.com/ ?
I also want my existing urls to redirect to https. Need help here. Thanks. :rolleyes:



Edit:

I googled and changed the redirect code to this:
Code:
# Redirecting to https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
# Redirecting non-www to www
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
Is that fine? It seems to work.
 
Last edited: