http and https ?

[SecondSight]

Hello ! ?

I read this in the improvements articles (technical changes) :

Quote

The login with HTTPS option has been removed and those who were using it will be given instructions to convert their entire community to HTTPS.

I don't understand this. What does it imply ? If one upgrades, then his community will be using https ?

Can someone tell me what the instructions are ? What do I have to do on my server ? It's better to know before begining the upgrade...

Thank you. ?

[Stuart Silvester]

59 minutes ago, SecondSight said:

Hello ! ?

I read this in the improvements articles (technical changes) :

I don't understand this. What does it imply ? If one upgrades, then his community will be using https ?

Can someone tell me what the instructions are ? What do I have to do on my server ? It's better to know before begining the upgrade...

Thank you. ?

In earlier versions of Invision Community, we had the ability where you could enable HTTPS for logins (and the AdminCP) only. We've removed this due to changes in modern technology and the push to make sites completely behind SSL. If this applies to you, the upgrader will let you know before the upgrade begins.

You can follow our guide here: 

 

[DSystem]

Aqui não conf_global.php não há board_url , ele tem base_url

Eu adiciono board_url ?

Quote

<?php

$INFO = array (
  'sql_host' => 'localhost',
  'sql_database' => 'database',
  'sql_user' => 'user',
  'sql_pass' => '123456',
  'sql_port' => 3306,
  'sql_socket' => '/var/lib/mysql/mysql.sock',
  'sql_tbl_prefix' => '',
  'sql_utf8mb4' => true,
  'board_start' => 1488319759,
  'installed' => true,
  'base_url' => 'https://eletronicabr.com/',
  'guest_group' => 2,
  'member_group' => 3,
  'admin_group' => 4,
);

 

[SecondSight]

So, if I understand well, since I'm not using https so far, I won't be asked anything about it during the upgrade process. ?

In that case, I will upgrade first and will consider using https after upgrading.

Thank you. ?

[Stuart Silvester]

16 hours ago, DSystem said:

Aqui não conf_global.php não há board_url , ele tem base_url

Eu adiciono board_url ?

 

I have updated the guide, but yes it can be either of those parameters.

18 minutes ago, SecondSight said:

So, if I understand well, since I'm not using https so far, I won't be asked anything about it during the upgrade process. ?

In that case, I will upgrade first and will consider using https after upgrading.

Thank you. ?

No problem, Don't forget to enable 'serve images locally?' setting when you enable HTTPS 

[SecondSight]

Hello ! ?

I've had a look at my conf_global.php file. I saw there are many lines where there is a http :

Quote

 

$INFO['blog_upload_url']  = 'http://website.com/uploads';

$INFO['gl_link'] = 'http://website.com/index.php?showtopic=462';

$INFO['home_url'] =  'https://website.com';

$INFO['html_url']  =  'https://website.com';

$INFO['upload_url'] = 'http://website.com/uploads';

 

Should I also change the http to https for all these urls ?

Thank you. ?

[Stuart Silvester]

54 minutes ago, SecondSight said:

Hello ! ?

I've had a look at my conf_global.php file. I saw there are many lines where there is a http :

Should I also change the http to https for all these urls ?

Thank you. ?

No, those are legacy variables, you can ignore those.

[SecondSight]

Well, I asked my server management company to check if everything was ready on my server to use https and... they enabled https on my website. 

This changed my plans... So, I ran the support tool, updated my community's license, and enabled 'serve images locally'.

It seems like it's working fine, except for the index page :

https://forums-enseignants-du-primaire.com

[AlexWright]

It seems to still be rebuilding. Here's a list of the ones that aren't being served over HTTPS yet:

[bpn]

If our forum has an old hot-linked image http://host.com/image.jpg and host.com is now secure and the image is also available as  https://host.com/image.jpg

Will imageproxy still download it? 

[openfire]

On 4/26/2018 at 11:28 AM, Stuart Silvester said:

I have updated the guide, but yes it can be either of those parameters.

No problem, Don't forget to enable 'serve images locally?' setting when you enable HTTPS 

Thanks for pointing this out, I was unaware.

Aside from what has already been mentioned in this thread, are there any other settings etc, that should be changed if I'm using HTTPS?

Thanks again.

[bfarber]

On 4/27/2018 at 6:28 PM, SecondSight said:

Well, I asked my server management company to check if everything was ready on my server to use https and... they enabled https on my website. 

This changed my plans... So, I ran the support tool, updated my community's license, and enabled 'serve images locally'.

It seems like it's working fine, except for the index page :

https://forums-enseignants-du-primaire.com

Feel free to submit a ticket if you need assistance, although it seems like the page is working presently.

On 4/27/2018 at 10:28 PM, bpn said:

If our forum has an old hot-linked image http://host.com/image.jpg and host.com is now secure and the image is also available as  https://host.com/image.jpg

Will imageproxy still download it? 

As long as they redirect http to https on their end, yes. We make an HTTP request to download the hotlinked image and follow redirects that are indicated.

20 hours ago, openfire said:

Thanks for pointing this out, I was unaware.

Aside from what has already been mentioned in this thread, are there any other settings etc, that should be changed if I'm using HTTPS?

Thanks again.

If your file storage handlers are not serving over https but can, those should be adjusted as well. Most sites don't have to worry about this, but if you use a CDN you may have set up an alternate custom URL for your file storage handler.