Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
Saurabh Jain Posted January 3, 2016 Posted January 3, 2016 If we purchase a ssl certificate what are the things to be considered in implementing the same Regards Saurabh
EmpireKicking Posted January 3, 2016 Posted January 3, 2016 More on the Server host side then the IPS Software
Saurabh Jain Posted January 3, 2016 Author Posted January 3, 2016 one can be changing urls for facebook . google plus and twitter sign up redirect links another can be reditrect http to https
eGullet Posted January 3, 2016 Posted January 3, 2016 1 - Once you've got your certificate installed at your host, you will likely want to edit your .htaccess (or local equivalent) to do the redirection. With Apache mod_rewrite that might be something like: RewriteCond %{ENV:HTTPS} !on [NC] RewriteRule ^(.*)$ https://your.site.here/$1 [R,L] 2 - If you allow external images, you will probably want to enable the "Serve images from local server" option in the ACP. 3 - Check conf_global.php for any lines that reference the old http protocol and update them to https. 4 - If you are using a non-standard SSL port (e.g. not 443) you need to add this line to constants.php define( 'SSL_PORT', Your weird port here ); 5 - Make sure you are using the correct https URLs for things like Facebook, Google, etc. when they embed content into your site. This should be automatic, but keep an eye on it. That should be everything - Invision's software should detect that it is being served over an HTTPS connection and adjust accordingly.
Mr.Jake Posted January 15, 2016 Posted January 15, 2016 Thanks @eGullet for easy steps. Made my things easier. If someone wonders why something on your page is not using https for some reason, this page was helpful for me to check my custom theme and links and pics: https://www.whynopadlock.com/
ipbfuck Posted January 15, 2016 Posted January 15, 2016 a good step can be also to setup a valid csp (Content Security Policy) in Your htaccess this is a Great improvement in website security
Mr.Jake Posted January 15, 2016 Posted January 15, 2016 There's some info about it https://ole.michelsen.dk/blog/secure-your-website-with-content-security-policy.html
ipbfuck Posted January 15, 2016 Posted January 15, 2016 This is mine (work fine with ipb - http is only in images, necessary for preview when u add image from URL, but immediately fixed by internalproxy when u save) :) Quote # Content-Security-Policy: Header set Content-Security-Policy "default-src https:; connect-src https:; font-src https: data:; frame-src https: data:; img-src https: http: data:; media-src https: data:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;"
Hexsplosions Posted January 15, 2016 Posted January 15, 2016 Before you do it, read this: Changing to HTTPS counts as a URL change and I had problems because I didn't know about the above.
Saurabh Jain Posted January 23, 2016 Author Posted January 23, 2016 Can moving to https can have a decline in search engines or seo rankings I have more then 220k links in google ?
ipbfuck Posted January 23, 2016 Posted January 23, 2016 I've read something about seo and ssl and seems that google prefer website with ssl. So, if u switch to ssl, your seo ranking, in theory, can improved.
David.. Posted January 23, 2016 Posted January 23, 2016 3 hours ago, Saurabh Jain said: Can moving to https can have a decline in search engines or seo rankings I have more then 220k links in google ? If you do it right, no. Always make sure to 301 redirect from http to https.
Adlago Posted June 4, 2016 Posted June 4, 2016 On 15.01.2016 г. at 7:18 PM, laltroweb.it said: This is mine (work fine with ipb - http is only in images, necessary for preview when u add image from URL, but immediately fixed by internalproxy when u save) frame-src https: data:; -> in validation test is recommended to be replaced with child-src ... style-src 'unsafe-inline' https:; -> no longer used and should be removed.
ipbfuck Posted June 4, 2016 Posted June 4, 2016 i've just changed some time ago with Content-Security-Policy: default-src https:; connect-src https:; font-src https: data:; child-src https: data:; img-src https: http: data: blob:; media-src https: data:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; but i cannot found more info for style-src :|
ipbfuck Posted June 4, 2016 Posted June 4, 2016 i've test, check all result (about 10 minuts) but nothing with style-src 'unsafe-inline' https:;
Adlago Posted June 4, 2016 Posted June 4, 2016 44 minutes ago, laltroweb.it said: i've test, check all result (about 10 minuts) but nothing with style-src 'unsafe-inline' https:; I'm sorry - I'm probably mistaken by many tests
Recommended Posts
Archived
This topic is now archived and is closed to further replies.