Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
NoGi Posted January 22, 2017 Posted January 22, 2017 Looking at whether it's worth the hassle to install and use SSL on my community. I am on CentOS 7 with PHP 7 and IPS 4.1.17. I will be looking at using Shopify as well
NoGi Posted January 23, 2017 Author Posted January 23, 2017 Ok so a few run SSL, I might start to look into it. Is it a simple process to get working with IPS?
Steph40 Posted January 23, 2017 Posted January 23, 2017 I get no problem at all with ips. Just had to learn how to install it on nginx server then good to go.
Jim M Posted January 24, 2017 Posted January 24, 2017 5 hours ago, NoGi said: Ok so a few run SSL, I might start to look into it. Is it a simple process to get working with IPS? Easy peasy, just need to update you conf_global.php for the URL.
NoGi Posted February 1, 2017 Author Posted February 1, 2017 OK, did the SSL and seemed painless. I just have one issue I want to fix and that is the warning that people get about mixed content? It's a little different to the google one noted in the 4.1.18 release notes: Quote Mixed Content The site includes HTTP resources. When I take a look, it seems to be pointing to local image files. Is there a way to force them to auto use https instead of having to dig up the offending files and manually update the URL?
Steph40 Posted February 2, 2017 Posted February 2, 2017 I don't if that is what you are looking for but go to system -- settings -- posting.
Jim M Posted February 2, 2017 Posted February 2, 2017 6 hours ago, NoGi said: When I take a look, it seems to be pointing to local image files. Is there a way to force them to auto use https instead of having to dig up the offending files and manually update the URL? What are the files? Attachments, theme files or something related to the system? Long as they aren't manually inserted or copy/paste into a post make sure you updated your URL in the conf_global.php. What @Steph40mentioned will take care of future copy/paste images (from anywhere).
NoGi Posted February 2, 2017 Author Posted February 2, 2017 They were images/emoji's that were in the forum descriptions. I went in and fixed them up, now all good.
MeMaBlue Posted February 12, 2018 Posted February 12, 2018 Hello! we changed to ssl we have tons of mixed content due to the signatures members use. they have signatures for their babies (each one has a ticker for their babys age) its impossible to do it manually, i have 40.000 members. what would you do if you were in my place?
Morgin Posted February 12, 2018 Posted February 12, 2018 9 minutes ago, MeMaBlue said: Hello! we changed to ssl we have tons of mixed content due to the signatures members use. they have signatures for their babies (each one has a ticker for their babys age) its impossible to do it manually, i have 40.000 members. what would you do if you were in my place? Personally, I would use cloudflare and have it rewrite them all. https://support.cloudflare.com/hc/en-us/articles/227227647-How-do-I-use-Automatic-HTTPS-Rewrites- that’s a pretty easy solution.
MeMaBlue Posted February 12, 2018 Posted February 12, 2018 On 02/02/2017 at 2:42 AM, Steph40 said: I don't if that is what you are looking for but go to system -- settings -- posting. hello Steph40 wont that change something to the server load or the server traffic ... ? thank you 41 minutes ago, Morgin said: Personally, I would use cloudflare and have it rewrite them all. https://support.cloudflare.com/hc/en-us/articles/227227647-How-do-I-use-Automatic-HTTPS-Rewrites- that’s a pretty easy solution. thanks , i ll send it to my associate to look at!
Steph40 Posted February 12, 2018 Posted February 12, 2018 Well I am no expert but I think it is worth it. You could always store images on a cdn. You can also take a look at this
MeMaBlue Posted February 13, 2018 Posted February 13, 2018 16 hours ago, Steph40 said: Well I am no expert but I think it is worth it. You could always store images on a cdn. You can also take a look at this hello, thank you, I read the support topic and in there a staff member from invision mentioned its already built in , in the 4.2 licence. So i am guessing / assuming they mean this part what @Steph40 posted here am i right @Rhett ?
MeMaBlue Posted February 13, 2018 Posted February 13, 2018 and, when trying to enable it , this window opens up, and I am not sure what it will mean for my server, and how i can estimate beforehand if that would be something i need to avoid or not (server load? size/traffic load?) if i have a forum that contains millions of posts, and dates 12 years now. Is there a way to find out the exact number of these image embeds that will need local server loading?
capei Posted March 6, 2018 Posted March 6, 2018 Been running SSL for a few years now. I just made a rewrite rule on the web server itself to rewrite the protocol to HTTPS if it is not used. You can do it with mod_rewrite with Apache, or URL Rewrite with IIS.
GriefCode Posted March 6, 2018 Posted March 6, 2018 On 13.2.2018 at 5:14 PM, MeMaBlue said: and, when trying to enable it , this window opens up, and I am not sure what it will mean for my server, and how i can estimate beforehand if that would be something i need to avoid or not (server load? size/traffic load?) if i have a forum that contains millions of posts, and dates 12 years now. Is there a way to find out the exact number of these image embeds that will need local server loading? I would personally suggest you to use the cloud flare solution in first hand. This is a more secure option, as you do not need to change anything on your local server. Cloud flare is a CDN, it does store a lot data securely world wide on their server to deliver faster any content to an end user. That does mean, yes it does affect your traffic and load on your server with a positive affect. Lowering load times is pushing your google rank - delivering the images or other files from a CDN does lower your load on the server. I have a rather small sized website compared what you got and it does save me already 10% of my load, taken from their traffic stats. Additionally, it does come with (d)Dos web protections and some other further cool features. I have a zero-filled config, that does mean, aside adding the website over cloud flare, I have done no adjustments (except some HSTS settings) and still got all the savings, I know that you can save a lot more load on your server with other configs, but they are not required for me as my website is too small that it is worth to spent time into it. If you still want to proceed the image proxy solution, I recommend you to setup a migration system and firstly test the plugin for being a lot more secure in the end that you will not kill anything. If you have any questions regarding cloud flare, you may wanna lookup the following topic, it does sum up the main points for using cloud flare. Just my 2 cents, as I have not seen any clear information/answeres regarding your questions. Greetings
ASTRAPI Posted March 6, 2018 Posted March 6, 2018 Using Cloudflare you can redirect all requests to https with one click but is is also easy to do with a simple Nginx rule :-)
beeurd Posted March 20, 2018 Posted March 20, 2018 If you have a lot of old posts with http images, you can use the below script in your .htacess file to "upgrade" the old links to act as if they were https links. Any external images on domains that don't support https will fail to display, so you won't get a mixed content error that breaks your SSL. <IfModule mod_headers.c> Header set Content-Security-Policy "upgrade-insecure-requests" env=HTTPS </IfModule>
opentype Posted March 20, 2018 Posted March 20, 2018 3 hours ago, beeurd said: If you have a lot of old posts with http images, you can use the below script in your .htacess file to "upgrade" the old links to act as if they were https links. Or just upgrade the image URLs through IPS’ image caching. Converting existing content was added recently.
beeurd Posted March 20, 2018 Posted March 20, 2018 12 hours ago, opentype said: Or just upgrade the image URLs through IPS’ image caching. Converting existing content was added recently. That's good to know, I must have missed that update! ?
dragonfly411 Posted August 17, 2018 Posted August 17, 2018 On 3/20/2018 at 6:19 AM, opentype said: Or just upgrade the image URLs through IPS’ image caching. Converting existing content was added recently. @opentype Is that an automatic process or where can I find this please?
Sovereign Grace Singles Posted August 17, 2018 Posted August 17, 2018 On 1/22/2017 at 2:48 AM, NoGi said: Looking at whether it's worth the hassle to install and use SSL on my community. I am on CentOS 7 with PHP 7 and IPS 4.1.17. I will be looking at using Shopify as well No hassle really if you want to run Cloudflare CDN. With one click you can enable the option for a free "universal" Cloudflare SSL. Dedicated are available also: https://blog.cloudflare.com/introducing-universal-ssl/
GriefCode Posted August 20, 2018 Posted August 20, 2018 On 8/18/2018 at 12:48 AM, Christforums said: No hassle really if you want to run Cloudflare CDN. With one click you can enable the option for a free "universal" Cloudflare SSL. Dedicated are available also: https://blog.cloudflare.com/introducing-universal-ssl/ Please do not forget that this is not a full encryption. Yes, you do have a SSL certificate, but only from the user agent to the cloudflare servers. The communication from the cloudflare servers to your servers are unencrypted, unless you have FULL SSL active as option and have an active SSL certificate on your servers.
Platinumwealth.co.za Posted October 21, 2018 Posted October 21, 2018 Let's encrypt or cloudflare both are free. There is no excuse to run a http site anymore.
jcdesign Posted October 21, 2018 Posted October 21, 2018 2 hours ago, Platinumwealth.co.za said: Let's encrypt or cloudflare both are free. If you are on a newer WHM/cPanel there is a free Comodo auto SSL also.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.