SSL server/cookie settings

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
nhseacoast
Registered User
Posts: 373
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

SSL server/cookie settings

Post by nhseacoast » Wed Aug 23, 2017 8:46 pm

OK,
Prior to installing PHPBB 3.2.1 I successfully installed an SSL cert. I thought the changes I made in the config to force url settings would force it to go to https, but now when I log in it goes to mydomain.com:80/index.php?sid=5c94e3800d7dc6d3e4c2ed6b48eb1413 with a "secure connection failed" error.

I know I must have inadvertently made a bad change in the Admin CP. Can someone please help me with this?

Thank you.

User avatar
olalavui
Registered User
Posts: 78
Joined: Sat Dec 13, 2008 3:02 am
Location: Vietnamese
Name: Bui Thanh Tung
Contact:

Re: SSL server/cookie settings

Post by olalavui » Thu Aug 24, 2017 12:25 am

Server port in Server settings must as 443

Please try
Come back phpBB with phpBBVietnam

nhseacoast
Registered User
Posts: 373
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Thu Aug 24, 2017 2:01 am

I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.

User avatar
Mick
Support Team Member
Support Team Member
Posts: 17832
Joined: Fri Aug 29, 2008 9:49 am
Location: Cardiff

Re: SSL server/cookie settings

Post by Mick » Thu Aug 24, 2017 9:20 am

Have a search here or Google for ".htaccess redirect", there's a ton of information available.
"The more connected we get the more alone we become" - Kyle Broflovski

There are no ‘threads’ in phpBB, they are topics.
Forza Garibaldi

nhseacoast
Registered User
Posts: 373
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Thu Aug 24, 2017 9:40 am

I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.

janus_zonstraal
Registered User
Posts: 1645
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal » Thu Aug 24, 2017 11:40 am

nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.
Why not the complete board like here on phpbb.com?
Sorry! My English is bat ;) !!!

RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing » Thu Aug 24, 2017 9:40 pm

nhseacoast wrote:
Thu Aug 24, 2017 2:01 am
I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.
Try adding this in your .htaccess

Code: Select all

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Header add "disablevcache" "true"
This worked for me, but I had to set cookie secure to Disable. I'm not shure why yet.
Last edited by RoadKing on Sun Aug 27, 2017 1:36 pm, edited 1 time in total.

janus_zonstraal
Registered User
Posts: 1645
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal » Fri Aug 25, 2017 4:57 am

Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Sorry! My English is bat ;) !!!

User avatar
3Di
Registered User
Posts: 11705
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milano - Frankfurt
Name: Marco
Contact:

Re: SSL server/cookie settings

Post by 3Di » Fri Aug 25, 2017 5:15 am

Forget any suggested change above posted.
nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
In your .htaccess file (YOUR_FORUM_ROOT/.htaccess) after the first 2 lines

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
ADD, AFTER (on a new line)

Code: Select all

RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
The final result would be

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
SAVE the file.

In ACP/cookie settings - set cookie secure to ENABLED.

(that's optional, not really needed, try first without)
In ACP/server settings - set Enable URL Rewriting to YES

Have fun.
Want to compensate me for my interest? Donate
Please PM me only to request paid works. Thx.
Extensions, Scripts, MOD porting, Update/Upgrades

nhseacoast
Registered User
Posts: 373
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Fri Aug 25, 2017 10:00 am

That worked like a charm! Thank you!

RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing » Sun Aug 27, 2017 1:37 pm

janus_zonstraal wrote:
Fri Aug 25, 2017 4:57 am
Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Absolutly! I have changed my post. 8-)

Post Reply

Return to “[3.2.x] Support Forum”

Who is online

Users browsing this forum: fatalerroras, Paul and 20 guests

cron