Rainier Sotelo, do you use default fonts? Or custom ones?

Did you change your URL inconfig.php to https://yoursitename.com ?

Hello Aliia,

I am using default fonts.

Kindly advise how to change my URL in config.php to https://yoursitename.com ?

Cheers & thanks a lot,
Rainier

Hello Aliia,

This is what I did in my config.php file to replace HTTP:

<?php
define('OW_URL_HOME', 'http://triskelionhandshake.com/Verification/');

with HTTPS:

<?php
define('OW_URL_HOME', 'http://triskelionhandshake.com/Verification/');

Please correct me if I am wrong.

Cheers,
Rainier

Hello Chris,

This is what I did in my config.php file to replace HTTP:

<?php
define('OW_URL_HOME', 'http://triskelionhandshake.com/Verification/');

with HTTPS:

<?php
define('OW_URL_HOME', 'https://triskelionhandshake.com/Verification/');

Please correct me if I am wrong.

Cheers,
Rainier

Rainier Sotelo, now all you need to do is to add a redirect from http to https in Oxwall's .htaccess, so that one and the same site is displayed no matter whether user enters http or https.

Im having the same problem as rainier, but the opposite way around. when viewing my site on http the text links are hugh.

I have changed the web url in my .config file to https, what code do i need to add to the htaccess file to redirect the http to https?

Hello Aliia,

Kindly advise how to add a redirect from http to https in Oxwall's .htaccess.

Cheers,
Rainier

I am not an expert in .htaccess settings.

Check: http://stackoverflow.com/...direct-http-to-https

I used the below code in my .htaccess file under line 2 - RewriteEngine On

Now my domain redirects always to https. This may not work for everyone though, the command can vary depending on your hosting company. It took me a lot of trial and error and a very long conversation with my hosting company to find a solution.


RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://your-domain.com/$1 [R=301,L]

Is there some sort of support document that explains how to do this from start to finish?  I really like the idea of running https

David A - I can give you instructions as to how I setup my HTTPS, however its not always gonna be the same, it really depends on your hosting company. It took me a lot of trial and error and a long conversation with my hosting company before i finally found a complete solution.

Send me a PM and I will try to help you as best as possible.

So I have finally managed to setup my website on HTTPS, i have all the the FB connect and importer working without issues, along with other plugins.

However oxwall cannot fully run in https as external links such as youtube or JS scripts are not hosted on my site and do not use the https protocol.
The main issue when running https is with the browser that you use. some browsers automatically block unsafe content, the content not hosted on your own server.

I have found that images are just flagged as unsafe, but not blocked. Some JS scripts are blocked completely, hence the reason FB connect doesn't work unless modified a little.

I am now looking for some help and ideas on how to make external links that do not use https safe. If you checkout facebook as an example, all external links like youtube, blogs etc are sent through a secure server before reaching the FB site. That way all the content shown on FB is secure.

Are there any services that offer this kind of service? Is there a way to rewrite external urls and make them secure? It would be great if oxwall could run fully in https, as almost all social sites and major sites are heading in that direction.

Im not a code guru - guess something like this would be needed - http://stackoverflow.com/...-link-inside-article

Chris, not much I can help you with. What you would like to achieve requires complex custom code modifications. Try finding a developer who can complete this work for you.

So I have given up on the idea of using HTTPS for the whole of oxwall site. Unfortunately there are too many issues and problems and it is almost impossible to run your oxwall site fully secured as external links on the site are not always https.

However I have kept my SSL certificate and am just using it to secure certain pages like the fbcanvas page from the contact importer plugin.

For oxwall to run fully in https, the core files and plugins need to be coded from the bottom up to support it. It would also require some sort of plugin that forces all external links into https.

This is a bit disappointing to hear. Its not like ssl is uncommon. I would have thought that Oxwall would want to get this sorted asap?  Blimey.

Matt

Im not saying that you can't use https and SSL, its just you may have to change / modify some of the code in certain plugins and sections of your site, for it to work.

You can run your oxwall site securely, but it will never be fully secured if you have content from external sources that don't run https.

Well, you learn something everyday.  Here I thought simply getting a SSL cert will secure my site.  Obviously not.  Thanks Chris for investigating this a bit.  So basically, you can have SSL for the whole site, but some content may not be displayed, depending on what it is or where it comes from.

Just a thought.  If I make the decision not to run my site via SSL, would Cloudflare or another CDN help to create some security?
How would SSL work if it was enabled via one of the CDN providers?  I think some offer that service.

SSL fail, you have got to be kidding me.

Why isn't there an option on the admin panel that says this:

"Do not preview unsecure links"

SMH

Chris, I feel your pain.