SSL server/cookie settings

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
nhseacoast
Registered User
Posts: 365
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

SSL server/cookie settings

Post by nhseacoast » Wed Aug 23, 2017 8:46 pm

OK,
Prior to installing PHPBB 3.2.1 I successfully installed an SSL cert. I thought the changes I made in the config to force url settings would force it to go to https, but now when I log in it goes to mydomain.com:80/index.php?sid=5c94e3800d7dc6d3e4c2ed6b48eb1413 with a "secure connection failed" error.

I know I must have inadvertently made a bad change in the Admin CP. Can someone please help me with this?

Thank you.

User avatar
olalavui
Registered User
Posts: 78
Joined: Sat Dec 13, 2008 3:02 am
Location: Vietnamese
Name: Bui Thanh Tung
Contact:

Re: SSL server/cookie settings

Post by olalavui » Thu Aug 24, 2017 12:25 am

Server port in Server settings must as 443

Please try
Come back phpBB with phpBBVietnam

nhseacoast
Registered User
Posts: 365
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Thu Aug 24, 2017 2:01 am

I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.

User avatar
Mick
Support Team Member
Support Team Member
Posts: 17718
Joined: Fri Aug 29, 2008 9:49 am

Re: SSL server/cookie settings

Post by Mick » Thu Aug 24, 2017 9:20 am

Have a search here or Google for ".htaccess redirect", there's a ton of information available.
"The more connected we get the more alone we become" - Kyle Broflovski

Forza Garibaldi

nhseacoast
Registered User
Posts: 365
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Thu Aug 24, 2017 9:40 am

I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.

janus_zonstraal
Registered User
Posts: 1473
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal » Thu Aug 24, 2017 11:40 am

nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.
Why not the complete board like here on phpbb.com?
Sorry! My English is bat ;) !!!

RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing » Thu Aug 24, 2017 9:40 pm

nhseacoast wrote:
Thu Aug 24, 2017 2:01 am
I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.
Try adding this in your .htaccess

Code: Select all

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Header add "disablevcache" "true"
This worked for me, but I had to set cookie secure to Disable. I'm not shure why yet.
Last edited by RoadKing on Sun Aug 27, 2017 1:36 pm, edited 1 time in total.

janus_zonstraal
Registered User
Posts: 1473
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal » Fri Aug 25, 2017 4:57 am

Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Sorry! My English is bat ;) !!!

User avatar
3Di
Registered User
Posts: 11556
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milano - Frankfurt
Name: Marco
Contact:

Re: SSL server/cookie settings

Post by 3Di » Fri Aug 25, 2017 5:15 am

Forget any suggested change above posted.
nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
In your .htaccess file (YOUR_FORUM_ROOT/.htaccess) after the first 2 lines

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
ADD, AFTER (on a new line)

Code: Select all

RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
The final result would be

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
SAVE the file.

In ACP/cookie settings - set cookie secure to ENABLED.

(that's optional, not really needed, try first without)
In ACP/server settings - set Enable URL Rewriting to YES

Have fun.
Want to compensate me for my interest? You can.
You can pm me only in case of request for paid job. Thx.
MOD conversions, Extensions and Scripts for phpBB.

nhseacoast
Registered User
Posts: 365
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Fri Aug 25, 2017 10:00 am

That worked like a charm! Thank you!

RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing » Sun Aug 27, 2017 1:37 pm

janus_zonstraal wrote:
Fri Aug 25, 2017 4:57 am
Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Absolutly! I have changed my post. 8-)

Post Reply

Return to “[3.2.x] Support Forum”

Who is online

Users browsing this forum: Bing [Bot], canonknipser, craig.constantine, janus_zonstraal, khabbab, Nycklick, Steve and 16 guests