SSL server/cookie settings

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
User avatar
nhseacoast
Registered User
Posts: 482
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

SSL server/cookie settings

Post by nhseacoast » Wed Aug 23, 2017 8:46 pm

OK,
Prior to installing PHPBB 3.2.1 I successfully installed an SSL cert. I thought the changes I made in the config to force url settings would force it to go to https, but now when I log in it goes to mydomain.com:80/index.php?sid=5c94e3800d7dc6d3e4c2ed6b48eb1413 with a "secure connection failed" error.

I know I must have inadvertently made a bad change in the Admin CP. Can someone please help me with this?

Thank you.

User avatar
olalavui
Registered User
Posts: 79
Joined: Sat Dec 13, 2008 3:02 am
Location: Vietnamese
Name: Bui Thanh Tung
Contact:

Re: SSL server/cookie settings

Post by olalavui » Thu Aug 24, 2017 12:25 am

Server port in Server settings must as 443

Please try
Come back phpBB with phpBBVietnam

User avatar
nhseacoast
Registered User
Posts: 482
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Thu Aug 24, 2017 2:01 am

I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.

User avatar
Mick
Support Team Member
Support Team Member
Posts: 19332
Joined: Fri Aug 29, 2008 9:49 am
Location: Cardiff
Contact:

Re: SSL server/cookie settings

Post by Mick » Thu Aug 24, 2017 9:20 am

Have a search here or Google for ".htaccess redirect", there's a ton of information available.
"The more connected we get the more alone we become" - Kyle Broflovski

There are no ‘threads’ in phpBB, they are topics.
Forza Garibaldi

User avatar
nhseacoast
Registered User
Posts: 482
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Thu Aug 24, 2017 9:40 am

I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.

janus_zonstraal
Registered User
Posts: 2354
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal » Thu Aug 24, 2017 11:40 am

nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
I really want https for login, registration and maybe the Contact Admin form.
Thanks.
Why not the complete board like here on phpbb.com?
Sorry! My English is bat ;) !!!

RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing » Thu Aug 24, 2017 9:40 pm

nhseacoast wrote:
Thu Aug 24, 2017 2:01 am
I reinstalled my entire board including the DB.

My question is this....how can I get it to default to SSL even if a user doesn't type https://? Can this be done within the config? I have secure cookies enabled. I don't want to FORCE them to use https just incase they get redirected to http.

Thanks.
Try adding this in your .htaccess

Code: Select all

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Header add "disablevcache" "true"
This worked for me, but I had to set cookie secure to Disable. I'm not shure why yet.
Last edited by RoadKing on Sun Aug 27, 2017 1:36 pm, edited 1 time in total.

janus_zonstraal
Registered User
Posts: 2354
Joined: Sat Aug 30, 2014 1:30 pm

Re: SSL server/cookie settings

Post by janus_zonstraal » Fri Aug 25, 2017 4:57 am

Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Sorry! My English is bat ;) !!!

User avatar
3Di
Registered User
Posts: 12530
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: SSL server/cookie settings

Post by 3Di » Fri Aug 25, 2017 5:15 am

Forget any suggested change above posted.
nhseacoast wrote:
Thu Aug 24, 2017 9:40 am
I know that's possible, but wouldn't that force them into https? I don't want users to get errors if they are somehow redirected to http.
In your .htaccess file (YOUR_FORUM_ROOT/.htaccess) after the first 2 lines

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
ADD, AFTER (on a new line)

Code: Select all

RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
The final result would be

Code: Select all

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
SAVE the file.

In ACP/cookie settings - set cookie secure to ENABLED.

(that's optional, not really needed, try first without)
In ACP/server settings - set Enable URL Rewriting to YES

Have fun.
Want to compensate me for my interest? Donate
Please PM me only to request paid works. Thx.
Extensions, Scripts, MOD porting, Update/Upgrades
My development's activity º PhpStorm's proud user

User avatar
nhseacoast
Registered User
Posts: 482
Joined: Sun Sep 22, 2002 10:31 pm
Location: NH, USA
Contact:

Re: SSL server/cookie settings

Post by nhseacoast » Fri Aug 25, 2017 10:00 am

That worked like a charm! Thank you!

RoadKing
Registered User
Posts: 16
Joined: Mon Aug 21, 2017 2:40 pm

Re: SSL server/cookie settings

Post by RoadKing » Sun Aug 27, 2017 1:37 pm

janus_zonstraal wrote:
Fri Aug 25, 2017 4:57 am
Try adding this in your config.php
:o :shock:

.htaccess you mean I hope?
Absolutly! I have changed my post. 8-)

User avatar
Simps
Registered User
Posts: 38
Joined: Thu Jul 23, 2015 11:49 am
Location: Stafford. UK
Name: Simon

Re: SSL server/cookie settings

Post by Simps » Mon Feb 26, 2018 12:42 am

Thank you for this. Worked for me also.
Just had a right nightmare after setting up SSL on my server.
Does the port need to be 443 rather than 80 in Server Settings ?

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 2624
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: SSL server/cookie settings

Post by thecoalman » Mon Feb 26, 2018 2:22 pm

Simps wrote:
Mon Feb 26, 2018 12:42 am
Does the port need to be 443 rather than 80 in Server Settings ?
Standard port for https is 443.

User avatar
Simps
Registered User
Posts: 38
Joined: Thu Jul 23, 2015 11:49 am
Location: Stafford. UK
Name: Simon

Re: SSL server/cookie settings

Post by Simps » Mon Feb 26, 2018 3:29 pm

Thank you. All set up and working.
I had a problem with the "Force server URL settings:" setting when turning it on (Yes)
It added https://http// to the url when logging in and out and going in to the ACP
Works fine without it enabled anyway.

User avatar
3Di
Registered User
Posts: 12530
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: SSL server/cookie settings

Post by 3Di » Mon Feb 26, 2018 5:46 pm

"Force server URL settings:" isn't involved in this operation, it's a setting that usually nobody (almost) needs and serves other stuffs.

"Enable URL Rewriting:" instead it is used to 'remove' the "app.php" bit from the urls, in case.
Want to compensate me for my interest? Donate
Please PM me only to request paid works. Thx.
Extensions, Scripts, MOD porting, Update/Upgrades
My development's activity º PhpStorm's proud user

Post Reply

Return to “[3.2.x] Support Forum”

Who is online

Users browsing this forum: david63, Froddelaar, Majestic-12 [Bot], Toxyy and 23 guests