Victor Mackey Posted January 23, 2019 Share Posted January 23, 2019 So I have a self-hosted forum and I finally got SSL through Cloudflare. Did everything I was supposed to do, forum works great, but avatars don't load. Randomly. Some avatars work fine for everyone, others don't at all. If I go to the avatar's direct URL, it says 403 forbidden. I don't get it. And sometimes it works, sometimes it doesn't. Is there something I'm missing? Link to comment Share on other sites More sharing options...
Victor Mackey Posted January 23, 2019 Author Share Posted January 23, 2019 Update: The issue seems to be in the .htaccess. If I rename it, it works. I also looked in it a bit, I have this: Quote "RewriteCond %{HTTP_REFERER} !^http://(www\.)?MYDOMAIN(/)?.*$ [NC]" I put https :// in there and it seems to have fixed it for now. Was that the issue? Link to comment Share on other sites More sharing options...
Mark H Posted January 23, 2019 Share Posted January 23, 2019 The use of http or https must be controlled by the value of the "board_url" (or "base_url") variable in the conf_global.php file, not by an .htaccess redirect (which can cause issues). Please see this guide for setting up your site to use https: https://invisioncommunity.com/4guides/advanced-options/configuration-options/using-ssl-https-r273/ and make sure to remove that line from your .htaccess file. Link to comment Share on other sites More sharing options...
Victor Mackey Posted January 23, 2019 Author Share Posted January 23, 2019 Hi Mark. Yup, saw the guide, used it to set up the SSL and everything worked fine except for the avatars. After the .htaccess edit, everything worked fine. So the issue is resolved. BTW, I can't seem to change the License Key to the "https://" URL. Clicking change gives me an error. Should I open up a ticket for it, or is it not that important? Thanks! Link to comment Share on other sites More sharing options...
Mark H Posted January 23, 2019 Share Posted January 23, 2019 Yes, please file a ticket to support and we can make that change to your URL. Link to comment Share on other sites More sharing options...
Victor Mackey Posted January 23, 2019 Author Share Posted January 23, 2019 Will do! Thanks! Link to comment Share on other sites More sharing options...
bfarber Posted January 24, 2019 Share Posted January 24, 2019 23 hours ago, Victor Mackey said: Update: The issue seems to be in the .htaccess. If I rename it, it works. I also looked in it a bit, I have this: I put https :// in there and it seems to have fixed it for now. Was that the issue? Yes. The htaccess command appears to be attempting to block "hotlinked" files (i.e. files linked to by a domain different than yours), but originally only allowed "http://yoursite.com" while the URL was updated to "https://yoursite.com". Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.