1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 Which SSL is good for me?

Discussion in 'XenForo Questions and Support' started by Jeffin, Aug 27, 2014.

  1. Jeffin

    Jeffin Well-Known Member

    I wanted to bring in https to my forum for two reasons, provide better secure communication and to improve google score for my links. I don't want to invest a lot into it. I just want to get something that is the cheapest available and practically beneficial for my members. I noticed there are many SSLs available, from DV which costs about $5/year to EV which can be quite expensive. Which one should I choose for a forum of my size. Would love some recommendations. Thanks so much.
  2. Sheratan

    Sheratan Well-Known Member

    If you dont use subdomain and you're site is not an organization site, just use standard Class 1 SSL which around $5-10/year
    Jeffin likes this.
  3. Jeffin

    Jeffin Well-Known Member

    Hi @Sheratan, thank you very for the reply.

    My website is not an organisation plus I don't have sub-domain so Comodo PositiveSSL is good enough for both a basic secure connection and Google's https requirement?

    Also once I install the certificate, how do I redirect all the links through https? Is that easy to do? Thanks.
    Last edited: Aug 27, 2014
  4. Sheratan

    Sheratan Well-Known Member

    That would be enough.

    It's fairly easy.

    > Just change your xenforo URL (admin.php?options/list/basicBoard)
    > Put some http to https redirect in .htaccess
    > check your themes for any hotlinking images (like using imgur for logo, etc)
    > optional: you may change bbcode media site to support https, like change Youtube BBCode "site url" to https://www.youtube.com
    Jeffin likes this.
  5. Jeffin

    Jeffin Well-Known Member

    Thank you very much.
  6. Jeffin

    Jeffin Well-Known Member

    Hi, this is how my httaccess file looks like

    RewriteOptions inherit
    #    Mod_security can interfere with uploading of content such as attachments. If you
    #    cannot attach files, remove the "#" from the lines below.
    #<IfModule mod_security.c>
    #    SecFilterEngine Off
    #    SecFilterScanPOST Off
    ErrorDocument 401 default
    ErrorDocument 403 default
    ErrorDocument 404 default
    ErrorDocument 500 default
    # Redirecting non-www to www
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^www\.
    RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
    <IfModule mod_rewrite.c>
        RewriteEngine On
        #    If you are having problems with the rewrite rules, remove the "#" from the
        #    line that begins "RewriteBase" below. You will also have to change the path
        #    of the rewrite to reflect the path to your XenForo installation.
        #RewriteBase /xenforo
        #    This line may be needed to enable WebDAV editing with PHP as a CGI.
        #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
        RewriteRule ^.*$ index.php [NC,L]
    I have changed the board url via admin.php to https format.

    How do I get my domain christianforumsite.com and www.christianforumsite.com to redirect to https://www.christianforumsite.com/ ?
    I also want my existing urls to redirect to https. Need help here. Thanks. :rolleyes:


    I googled and changed the redirect code to this:
    # Redirecting to https
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
    # Redirecting non-www to www
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^www\.
    RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
    Is that fine? It seems to work.
    Last edited: Aug 27, 2014

Share This Page