Jump to content

How many run SSL?


Do you use SSL currently?  

139 members have voted

You do not have permission to vote in this poll, or see the poll results. Please sign in or register to vote in this poll.

Recommended Posts

  • 2 weeks later...

OK, did the SSL and seemed painless. I just have one issue I want to fix and that is the warning that people get about mixed content? It's a little different to the google one noted in the 4.1.18 release notes:

Quote
Mixed Content
The site includes HTTP resources.

When I take a look, it seems to be pointing to local image files. Is there a way to force them to auto use https instead of having to dig up the offending files and manually update the URL?

Link to comment
Share on other sites

6 hours ago, NoGi said:

 

When I take a look, it seems to be pointing to local image files. Is there a way to force them to auto use https instead of having to dig up the offending files and manually update the URL?

What are the files? Attachments, theme files or something related to the system?

Long as they aren't manually inserted or copy/paste into a post make sure you updated your URL in the conf_global.php.

What @Steph40mentioned will take care of future copy/paste images (from anywhere).

Link to comment
Share on other sites

  • 1 year later...

Hello! we changed to ssl 

we have tons of mixed content  due to the signatures members use.   they have signatures for their babies (each one has a ticker for their babys age)

its impossible to do it manually, i have 40.000 members. 

what would you do if you were in my place? 

Link to comment
Share on other sites

9 minutes ago, MeMaBlue said:

Hello! we changed to ssl 

we have tons of mixed content  due to the signatures members use.   they have signatures for their babies (each one has a ticker for their babys age)

its impossible to do it manually, i have 40.000 members. 

what would you do if you were in my place? 

Personally, I would use cloudflare and have it rewrite them all. 

https://support.cloudflare.com/hc/en-us/articles/227227647-How-do-I-use-Automatic-HTTPS-Rewrites-

that’s a pretty easy solution. 

Link to comment
Share on other sites

On 02/02/2017 at 2:42 AM, Steph40 said:

I don't if that is what you are looking for but go to system -- settings -- posting.

Untitled.png

hello Steph40

wont that change something to the server load or the server traffic ... ?

thank you

41 minutes ago, Morgin said:

Personally, I would use cloudflare and have it rewrite them all. 

https://support.cloudflare.com/hc/en-us/articles/227227647-How-do-I-use-Automatic-HTTPS-Rewrites-

that’s a pretty easy solution. 

thanks , i ll send it to my associate to look at!

Link to comment
Share on other sites

16 hours ago, Steph40 said:

Well I am no expert but I think it is worth it. You could always store images on a cdn.

You can also take a look at this

 

hello, thank you,  I read the support topic and in there a staff member from invision mentioned its already built in , in the 4.2 licence. 

So i am guessing / assuming they mean this part what @Steph40 posted here  

am i right @Rhett  ?

Link to comment
Share on other sites

image.thumb.png.35f21a2accf6dc27fe21164390902f0a.png

and, when trying to enable it ,  this window opens up, 

and I am not sure what it will mean for my server, and how i can estimate beforehand if that would be something i need to avoid or not

(server load? size/traffic load?) if i have a forum that contains millions of posts, and dates 12 years now. 

Is there a way to find out the exact number of these image embeds that will need local server loading?  

Link to comment
Share on other sites

  • 3 weeks later...

Been running SSL for a few years now. I just made a rewrite rule on the web server itself to rewrite the protocol to HTTPS if it is not used. You can do it with mod_rewrite with Apache, or URL Rewrite with IIS.

Link to comment
Share on other sites

On 13.2.2018 at 5:14 PM, MeMaBlue said:

image.thumb.png.35f21a2accf6dc27fe21164390902f0a.png

and, when trying to enable it ,  this window opens up, 

and I am not sure what it will mean for my server, and how i can estimate beforehand if that would be something i need to avoid or not

(server load? size/traffic load?) if i have a forum that contains millions of posts, and dates 12 years now. 

Is there a way to find out the exact number of these image embeds that will need local server loading?  

I would personally suggest you to use the cloud flare solution in first hand. This is a more secure option, as you do not need to change anything on your local server.
Cloud flare is a CDN, it does store a lot data securely world wide on their server to deliver faster any content to an end user. That does mean, yes it does affect your traffic and load on your server with a positive affect.
Lowering load times is pushing your google rank - delivering the images or other files from a CDN does lower your load on the server. I have a rather small sized website compared what you got and it does save me already 10% of my load, taken from their traffic stats. Additionally, it does come with (d)Dos web protections and some other further cool features.
image.thumb.png.0f5df049718c51125312ff4af11fc304.png

I have a zero-filled config, that does mean, aside adding the website over cloud flare, I have done no adjustments (except some HSTS settings) and still got all the savings, I know that you can save a lot more load on your server with other configs, but they are not required for me as my website is too small that it is worth to spent time into it.

If you still want to proceed the image proxy solution, I recommend you to setup a migration system and firstly test the plugin for being a lot more secure in the end that you will not kill anything.

If you have any questions regarding cloud flare, you may wanna lookup the following topic, it does sum up the main points for using cloud flare.

Just my 2 cents, as I have not seen any clear information/answeres regarding your questions.

Greetings

Link to comment
Share on other sites

  • 2 weeks later...

If you have a lot of old posts with http images, you can use the below script in your .htacess file to "upgrade" the old links to act as if they were https links. Any external images on domains that don't support https will fail to display, so you won't get a mixed content error that breaks your SSL.

<IfModule mod_headers.c>
  Header set Content-Security-Policy "upgrade-insecure-requests" env=HTTPS
</IfModule>

 

Link to comment
Share on other sites

3 hours ago, beeurd said:

If you have a lot of old posts with http images, you can use the below script in your .htacess file to "upgrade" the old links to act as if they were https links.

Or just upgrade the image URLs through IPS’ image caching. Converting existing content was added recently. 

Link to comment
Share on other sites

  • 4 months later...
On 1/22/2017 at 2:48 AM, NoGi said:

Looking at whether it's worth the hassle to install and use SSL on my community. I am on CentOS 7 with PHP 7 and IPS 4.1.17. I will be looking at using Shopify as well

No hassle really if you want to run Cloudflare CDN. With one click you can enable the option for a free "universal" Cloudflare SSL. Dedicated are available also:

https://blog.cloudflare.com/introducing-universal-ssl/

Link to comment
Share on other sites

On 8/18/2018 at 12:48 AM, Christforums said:

No hassle really if you want to run Cloudflare CDN. With one click you can enable the option for a free "universal" Cloudflare SSL. Dedicated are available also:

https://blog.cloudflare.com/introducing-universal-ssl/

Please do not forget that this is not a full encryption.

Yes, you do have a SSL certificate, but only from the user agent to the cloudflare servers.
The communication from the cloudflare servers to your servers are unencrypted, unless you have FULL SSL active as option and have an active SSL certificate on your servers.

Link to comment
Share on other sites

  • 2 months later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...