SSL server/cookie settings

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
User avatar
nhseacoast
Registered User
Posts: 625
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

SSL server/cookie settings

Post by nhseacoast »

OK,
Prior to installing PHPBB 3.2.1 I successfully installed an SSL cert. I thought the changes I made in the config to force url settings would force it to go to https, but now when I log in it goes to mydomain.com:80/index.php?sid=5c94e3800d7dc6d3e4c2ed6b48eb1413 with a "secure connection failed" error.

I know I must have inadvertently made a bad change in the Admin CP. Can someone please help me with this?

Thank you.
http://nhgunforum.com phpBB v3.2.1
http://wtprise.org phpBB v3.3.2
User avatar
olalavui
Registered User
Posts: 103
Joined: Sat Dec 13, 2008 3:02 am
Location: Vietnam
Name: Bui Thanh Tung
Contact:

Re: SSL server/cookie settings

Post by olalavui »

Server port in Server settings must as 443

Please try
Come back phpBB with phpBBVietnam
User avatar
nhseacoast
Registered User
Posts: 625
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast »

I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.
http://nhgunforum.com phpBB v3.2.1
http://wtprise.org phpBB v3.3.2
User avatar
Mick
Support Team Member
Support Team Member
Posts: 22964
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket probably.

Re: SSL server/cookie settings

Post by Mick »

Have a search here or Google for ".htaccess redirect", there's a ton of information available.
"The more connected we get the more alone we become" - Kyle Broflovski©
User avatar
nhseacoast
Registered User
Posts: 625
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast »

I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.
http://nhgunforum.com phpBB v3.2.1
http://wtprise.org phpBB v3.3.2
User avatar
janus_zonstraal
Registered User
Posts: 5057
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal »

nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.
Why not the complete board like here on phpbb.com?
Sorry! My English is bat ;) !!!
RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing »

nhseacoast wrote:
Thu Aug 24, 2017 2:01 am
I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.
Try adding this in your .htaccess

Code: Select all

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Header add "disablevcache" "true"
This worked for me, but I had to set cookie secure to Disable. I'm not shure why yet.
Last edited by RoadKing on Sun Aug 27, 2017 1:36 pm, edited 1 time in total.
User avatar
janus_zonstraal
Registered User
Posts: 5057
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal »

Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Sorry! My English is bat ;) !!!
User avatar
3Di
Former Team Member
Posts: 16097
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milano 🇮🇹 Frankfurt 🇩🇪
Name: Marco
Contact:

Re: SSL server/cookie settings

Post by 3Di »

Forget any suggested change above posted.
nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
In your .htaccess file (YOUR_FORUM_ROOT/.htaccess) after the first 2 lines

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
ADD, AFTER (on a new line)

Code: Select all

RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
The final result would be

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
SAVE the file.

In ACP/cookie settings - set cookie secure to ENABLED.

(that's optional, not really needed, try first without)
In ACP/server settings - set Enable URL Rewriting to YES

Have fun.
🆓 Free support for our extensions also provided here: phpBB Studio
🚀 Looking for a specific feature or alternative option? We will rock you!
Please PM me only to request paid works. Thx. Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user º Extensions, Scripts, MOD porting, Update/Upgrades
User avatar
nhseacoast
Registered User
Posts: 625
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast »

That worked like a charm! Thank you!
http://nhgunforum.com phpBB v3.2.1
http://wtprise.org phpBB v3.3.2
RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing »

janus_zonstraal wrote:
Fri Aug 25, 2017 4:57 am
Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Absolutly! I have changed my post. 8-)
User avatar
Simps
Registered User
Posts: 40
Joined: Thu Jul 23, 2015 11:49 am
Location: Stafford. UK
Name: Simon

Re: SSL server/cookie settings

Post by Simps »

Thank you for this. Worked for me also.
Just had a right nightmare after setting up SSL on my server.
Does the port need to be 443 rather than 80 in Server Settings ?
User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 4259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: SSL server/cookie settings

Post by thecoalman »

Simps wrote:
Mon Feb 26, 2018 12:42 am
Does the port need to be 443 rather than 80 in Server Settings ?
Standard port for https is 443.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”

Attributed - Thomas Edison
User avatar
Simps
Registered User
Posts: 40
Joined: Thu Jul 23, 2015 11:49 am
Location: Stafford. UK
Name: Simon

Re: SSL server/cookie settings

Post by Simps »

Thank you. All set up and working.
I had a problem with the "Force server URL settings:" setting when turning it on (Yes)
It added https://http// to the url when logging in and out and going in to the ACP
Works fine without it enabled anyway.
User avatar
3Di
Former Team Member
Posts: 16097
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milano 🇮🇹 Frankfurt 🇩🇪
Name: Marco
Contact:

Re: SSL server/cookie settings

Post by 3Di »

"Force server URL settings:" isn't involved in this operation, it's a setting that usually nobody (almost) needs and serves other stuffs.

"Enable URL Rewriting:" instead it is used to 'remove' the "app.php" bit from the urls, in case.
🆓 Free support for our extensions also provided here: phpBB Studio
🚀 Looking for a specific feature or alternative option? We will rock you!
Please PM me only to request paid works. Thx. Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user º Extensions, Scripts, MOD porting, Update/Upgrades
Post Reply

Return to “[3.2.x] Support Forum”