Results 1 to 10 of 25

Thread: http to htps

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Senior Member Kitty's Avatar
    Join Date
    Apr 2010
    Location
    Harley Town USA
    Posts
    171

    Default http to htps

    Hi guys,

    When uploading a site/pages, how the heck do I change the entire site to https? I know you can change it when linking to an external site, but my entire site? Yes, there is an SSL set up and it's all working, BUT, when trying to publish an updated page, it must go into outer space because it's not being uploaded as an https page. I imagine just setting the index.html file would be sufficient, but how do I do that (in NOF 2015)? I am stumped.

    I appreciate any suggestions you may have,
    Thanks!!
    ~Kitty
    The biz http://ink2art.com
    Giving it away since 1995... http://fullmoongraphics.com

  2. #2
    Senior Member
    Join Date
    Apr 2010
    Location
    Sydney
    Posts
    2,000

    Default

    you do not change anything in Nof

    all you need to do is upload your site as usual and make sure you modify the .htaccess file so it contains as seen at bottom, and nothing else

    you also need to make sure that you don't have any links to local content pointing to http otherwise you get a warning that only parts are secure.

    example:
    <link rel="shortcut icon" href="https://www.videoproductions.com.au/antons.ico" type="image/x-icon"> (correct)
    <link rel="shortcut icon" href="http://www.videoproductions.com.au/antons.ico" type="image/x-icon"> (wrong)



    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

  3. #3
    Senior Member Kitty's Avatar
    Join Date
    Apr 2010
    Location
    Harley Town USA
    Posts
    171

    Default

    Thanks Anton.

    I did upload new .htaccess file with exactly that info.
    All of site is https now, but when I upload edited NOF page, it doesn't appear. Yes, it's a secure page also, BUT, the edits that I just made and uploaded do not show up.

    stuck...
    The biz http://ink2art.com
    Giving it away since 1995... http://fullmoongraphics.com

  4. #4
    Senior Member Kitty's Avatar
    Join Date
    Apr 2010
    Location
    Harley Town USA
    Posts
    171

    Default

    So, I wound up renaming the current, unedited web page as "old" (via FTP) - then uploaded the edited, "preview" web page. Ta-daa! Well that was easy.
    Just thought there may have been something different in NOF that I missed... probably should be. Kind of like one has the choice when linking an external site, ya know?

    Okee doke, c'ya next time!
    ~Kitty
    The biz http://ink2art.com
    Giving it away since 1995... http://fullmoongraphics.com

  5. #5
    Senior Member
    Join Date
    Apr 2010
    Location
    Sydney
    Posts
    2,000

    Default

    Quote Originally Posted by Kitty View Post
    Thanks Anton.

    I did upload new .htaccess file with exactly that info.
    All of site is https now, but when I upload edited NOF page, it doesn't appear. Yes, it's a secure page also, BUT, the edits that I just made and uploaded do not show up.

    stuck...
    I assume you refreshed browser a few times and cleared browser cache?

  6. #6
    Senior Member Kitty's Avatar
    Join Date
    Apr 2010
    Location
    Harley Town USA
    Posts
    171

    Default

    Quote Originally Posted by antonsvideo View Post
    I assume you refreshed browser a few times and cleared browser cache?

    Yes sir, I did indeed.
    The biz http://ink2art.com
    Giving it away since 1995... http://fullmoongraphics.com

  7. #7
    Senior Member
    Join Date
    Oct 2011
    Posts
    184

    Default

    I would also be interested in how this works with NOF.

    Me, I found it rather difficult what I have I read about the procedures setting up a secure site. I also found out in the sources I have read (like Thawte), that with static websites (like I produce), where no personal information, passwords etc. are collected, I don't need SSL and https yet and in the near future.

  8. #8
    Junior Member
    Join Date
    Nov 2017
    Posts
    6

    Default

    Quote Originally Posted by antonsvideo View Post
    you do not change anything in Nof

    all you need to do is upload your site as usual and make sure you modify the .htaccess file so it contains as seen at bottom, and nothing else

    you also need to make sure that you don't have any links to local content pointing to http otherwise you get a warning that only parts are secure.

    example:
    <link rel="shortcut icon" href="https://www.videoproductions.com.au/antons.ico" type="image/x-icon"> (correct)
    <link rel="shortcut icon" href="http://www.videoproductions.com.au/antons.ico" type="image/x-icon"> (wrong)



    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    When you say "and nothing else" is that true? I also use .htaccess to set 404 pages etc. Must I delete those instructions?
    Last edited by WM325; 08-11-2018 at 08:06 PM.

  9. #9
    Senior Member
    Join Date
    Nov 2016
    Location
    Michigan USA
    Posts
    104

    Default

    According to the Apache help file:

    "You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance."

    You should go to your hosting co. and get support on how to configure THEIR servers. Only they know what's in their httpd.conf file. And they can tell you if you have access to it.

    You can put anything needed in the config files. The above statement about not putting anything else was just a statement about the https configuration. Of coarse you can put other stuff in the file that is appropriate.

    For MS IIS servers there is the web.config file to use in place of htaccess.

    I know a couple of hosting cos. that use scripts to take anything put into an htaccess file, reload the httpd file with it's contents, then kill the htaccess file. The user didn't even know his htaccess file disappeared. The user sees one but it's not really there being read anymore until it's changed or added to by the user. What was changed is scanned by security software before it's reloaded into httpd.conf. Your hosting co. doesn't trust you any more than they would Russian hackers opening accounts to inject malware into their data center.
    Last edited by rick6811; 08-11-2018 at 09:46 PM.

  10. #10
    Senior Member
    Join Date
    Apr 2010
    Location
    Sydney
    Posts
    2,000

    Default

    Quote Originally Posted by WM325 View Post
    When you say "and nothing else" is that true? I also use .htaccess to set 404 pages etc. Must I delete those instructions?
    you can add anything to the .htaccess, what I meant is that the 3 lines is all that is needed for permanent https redirection

    my .htaccess also has other entries to redirect old page names that no longer exist to their new pages

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •