Forum Inaccessible - SSL Issue

[TIPF]

Hi,

Please see below exchange between myself and my host provider, I am no coder so it's all lost on me.
Neither my forum nor the ACP are now accessible.
My forum, formally http://www.tipf.co.uk - Now https://tipf.co.uk

Thanks in advance.

From me:

"Hi there,

I've just purchased SSL for my website which has been auto configured, unfortunately, when using https://tipf.co.uk, you'll see the site is broken (have a look at the original http://www.tipf.co.uk), I have no idea how to correct this going forward.

Any help would be appreciated."

Their response:

"Hello,

Thank you for contacting our Technical Support Department.

The issue was caused by the hotlink protection added for your website which I had to disable. Before you activate Hotlink Protection for your site, make sure that you use only relative paths for the links to your images. Otherwise, using absolute image paths will prevent the images from being displayed online!

A redirection rule has been added in your .htaccess file as follows:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Note that you might have to check with the script vendor (or website developer) for the proper way of redirecting your http to https traffic since you might have to edit some hard coded URLs if there is a "mixed content".

Best Regards,"

Edited September 19, 2021 by TIPF
Need Assistance

[TIPF]

I've changed the conf_global.php as advised HERE, but I can't access the ACP to use the Support tool and clear the cache.

[kyriazhs1975]

11 hours ago, TIPF said:

I've changed the conf_global.php as advised HERE, but I can't access the ACP to use the Support tool and clear the cache.

make sure the mod security is disabled in your host. also check your file permissions (644) and folders (755)

 

[Marc Stridgen]

Taking a look there, either something is cached on your server, or your server is redirecting back to http. Please check both of those

[TIPF]

While I appreciate both your replies I have absolutely no idea how to go about making the changes or even checking, coding is not my thing I'm afraid.

[Jimi Wikman]

1 hour ago, TIPF said:

While I appreciate both your replies I have absolutely no idea how to go about making the changes or even checking, coding is not my thing I'm afraid.

Checked your site and it does not seem like the changes have been made properly.

It looks like your hotlink protection is still messing with the redirects, so turn that off again and see if you can reach ACP.

 

 

[TIPF]

3 hours ago, Jimi Wikman said:

It looks like your hotlink protection is still messing with the redirects, so turn that off again and see if you can reach ACP.

As far as I can see there are no hotlinks enabled.

I've managed to access the ACP by removing the redirect put in place by the host (as advised by IPB) and clear the cache, but the formatting is still broken.

I'm afraid I am completely stumped now 😌

[nodle]

Are you using Cloudflare by chance? If so have you purged Cloudlfare's Cache?

[TIPF]

Just now, nodle said:

Are you using Cloudflare by chance? If so have you purged Cloudlfare's Cache?

Never heard of Cloudfare, so I'm guessing I'm not using it.

[Adlago]

On 9/18/2021 at 10:15 PM, TIPF said:

I've changed the conf_global.php as advised HERE, but I can't access the ACP to use the Support tool and clear the cache.

 

On 9/18/2021 at 8:21 PM, TIPF said:

My forum, formally http://www.tipf.co.uk - Now https://tipf.co.uk

Check what exactly you have saved in a change in conf global php. Because now CSS and JS resources for your site are loaded by https://www.tipf.co.uk,

and should be loaded from https://tipf.co.uk,

and therefore nothing is found at these addresses -i.e. you are missing CSS и JS

In your conf_global php should be : .... https://tipf.vo.uk

 

[TIPF]

It was initially saved with the www, I've removed and saved to - $INFO['board_url']            =    'https://tipf.co.uk';

The site is still not formatting correctly I'm afraid.

[Adlago]

You have access to ACP, use and remove cache

[TIPF]

9 minutes ago, Adlago said:

You have access to ACP, use and remove cache

Done that, still the same. The forum is now loading as 'not secure' again.

With the old Support section, IPB would hop onboard and rectify any issues, not anymore. I have no knowledge of PHP, .htaccess etc, so am totally lost.

[Adlago]

22 minutes ago, TIPF said:

Done that, still the same. The forum is now loading as 'not secure' again.

With the old Support section, IPB would hop onboard and rectify any issues, not anymore. I have no knowledge of PHP, .htaccess etc, so am totally lost.

Try in your .htaccess add this

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

 

[nodle]

Why not grab the new .htaccess file IPS generates and make sure that it is in place so you have the correct rewrites? 

Have you disabled all the addons, and tried the default theme?

Edited September 19, 2021 by nodle

[TDBF]

On 9/18/2021 at 8:15 PM, TIPF said:

I've changed the conf_global.php as advised HERE, but I can't access the ACP to use the Support tool and clear the cache.

From what I have seen. You can still log into your ACP, but because your CSS styles are not included it will make the page hard to read.

You should still be able to navigate around to be able to get to the Clear cache functions in ACP.

[Jimi Wikman]

If you check your code, the CSS is referenced like this:
https://www.tipf.co.uk/uploads/css_built_35/341e4a57816af3ba440d891ca87450ff_framework.css?v=cbbe5fcd171632085049

This result in a hotlink protection, regardless if you use www or not.

So you have some form of hot linking active on the site.

May I ask what control panel you are using? I am guessing it is either cPanel or Plesk?

[Marc Stridgen]

You need to contact your hosting company on this issue here. There is nothing within the software itself that is causing this from what I can see. Your conf_global.php file, when checked yesterday, was set up correctly. The htaccess file is also set up correctly. Something at a server level is causing things to be directed from https to http, and your hosting company should be able to tell you what that is.

[TIPF]

1 hour ago, Jimi Wikman said:

May I ask what control panel you are using? I am guessing it is either cPanel or Plesk?

It is cPanel.

38 minutes ago, Marc Stridgen said:

The htaccess file is also set up correctly

I have 2 htaccess files, 1 at root level (in tipf.co.uk) and 1 in the Forums folder, is this correct and which one should I be editing?

Edited September 20, 2021 by TIPF

[TIPF]

11 hours ago, Adlago said:

Try in your .htaccess add this

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

 

Adding this to the htaccess has returned the formatting, unfortunately the SSL is no longer use and the site is showing as 'Not secure' again.

[Marc Stridgen]

This has now been corrected for you, and you are able to log in. The issue here is that while your site is at root, its using files from a forums folder. There is a copy of files which are residing in the root of your FTP, and those are not actually the files your site is using. So you are editing the wrong files there. Note, you should not need any of the suggested edits above for your site to work correctly, so they have been removed.

 

All that was needed there was the conf_global.php file to be edited to https correctly. You were editing the wrong one there.

[TIPF]

That's brilliant, thank you very much for all your help, and everyone else that has contributed 👍

Edited September 20, 2021 by TIPF
Fat fingers