So, I'm considering switching over to a secure server very soon.  My questions about this are

1. EXACTLY what files need manual changing or configuration to properly implement HTTPS.   System files obviously.  Not talking 3rd party stuff. 
2. What are the steps in changing any files mentioned in point 1. 
3. What actions are taken within the ACP?
4. Ive read certain posts where all forum POSTS are not accessible after transition.  What's the solution for this. 
5. Are there any known 3rd party apps that don't play nice with a secure server. 

Sorry if if this has been answered elsewhere but I haven't been able to find a good solid detailed guide on this. I'm running 4.1.11

 

So, I'm considering switching over to a secure server very soon.  My questions about this are

1. EXACTLY what files need manual changing or configuration to properly implement HTTPS.   System files obviously.  Not talking 3rd party stuff. 
2. What are the steps in changing any files mentioned in point 1. 

Activate SSL on your server.
Change the base URL in global_conf.php to https
Set URL forwarding from http to https for every URL via htaccess

  50 minutes ago, pilotguy said:

1. What actions are taken within the ACP?

Clear the cache. 

Optional but recommended: Turn on the image proxy so embedded external images are served via SSL from your site. 

  50 minutes ago, pilotguy said:

1. Ive read certain posts where all forum POSTS are not accessible after transition.  What's the solution for this. 

• manually editing and saving each post so the proxy can kick in
• use a third party plugin

 

manually editing and saving each post so the proxy can kick in

Manually editing/saving EACH post?  Oh my... I have A LOT of posts.  Does that 3rd party app linked also do that.  Seems its related to images.

 

Manually editing/saving EACH post?

I should have been more precise: Each post with insecure content embedded in it. 

Understood - Now the 3rd party app reference makes a bit more sense.  Thanks @opentype!

If you have altered or added any menu bar items (urls) make sure you swop these over to https as well - I forgot about this

Ok - I'm having an issue with the redirect and need some clarification.

I have edited the .htaccess file in my root directory.  Not the directory in which IPS resides (public_html) but the directory before that. 

RewriteCond %{HTTP_HOST} www.example.net$
RewriteRule ^/?$ "https://www.example.net" [R=301,L]

However, if I enter in HTTP://www.example.net I get no redirect.  It simply goes to the HTTP site with no redirect to the secure HTTPS version.  To get to that I need to manually enter HTTPS.

If I place the above code in my site directories htaccess file I get a 500 internal server error.

What am I doing wrong here?

I found the problem and it is fixed now.

 

I found the problem and it is fixed now.

Glad you got it sorted, for your info to re-direct all http to https this is what i use in .htaccess

# all http to https

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

 

Ok - I searched my provider itself for redirects and this is the code that was suggested.  Seems to work.

rewritecond %{http_host} ^coolexample.com [nc]

rewriterule ^(.*)$ http://www.coolexample.com/$1 [r=301,nc]

 

I have noticed and checked a clear worse TTFB.

On webpagetest, the TTBF of my community used to be about 500ms. With HTTPS it has jumped to 1000ms.

Have I done something wrong eventually or was it expected?

To clarify there is no need to setup any https forwarding at all, with IPS4 it will pick this up from your conf_global.php file, so all that is needed are the steps below.

1. setup ssl on your site/host

2. edit your conf_global.php file, change http to https

3. Log into the admincp and run the first step of the support tool to clear the cache.

 

 

 

I have removed the forwarding. There was no difference on TTBF. Is there any other thing I could check?

 

I have removed the forwarding. There was no difference on TTBF. Is there any other thing I could check?

I personally wouldn't get hung up on testing data, it will vary by testing site, I would stick with real world loading times, and response times of your site.  It's loading quickly for me in testing, are you seeing any issues? (ignoring the testing site data) 

Yes, I can see a little freeze before pages loading. It did not happen before SSL.

Did you run the support tool on your site after changing the conf file? it's still loading a profile image from http.  I was testing the site on this topic in the first post too, sorry about that, your site is pretty slow, but it's a long ways from me too.  Your forum home page for example has been sitting for 20 seconds trying to load, so there are other issues at play here it seems. 

 

 

Yes, I have run the support tool. For me it's not that slow... 20 secs... it's about 2 secs freezing before start to low the next page.

 

Glad you got it sorted, for your info to re-direct all http to https this is what i use in .htaccess

# all http to https

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

 

I used that code but now if someone clicks on link to my site it redirects to HTTPS but to /index.php not URI it should. I believe IPS mod_rewrite has to be changed somehow?

Joining this thread to keep informed; newbie admin here. 

Seems that the problem to TTFB was with Cloudflare. They have 3 types of configuration: FLEXIBLE, FULL and FULL STRICT. The last 2 cause problems with TTFB.

I have sorted it out with Support. No need to any htaccess redirect.

 

 

I have sorted it out with Support. No need to any htaccess redirect.

 

Do I need to apply this patch on 4.1.12.1?

I did and its working now  

Thanks a lot! ?