SLL full bore

Guvnor

Administrator
Staff member
#1
I am going to enable http > https today.
This will make all calls to non secure http be parsed as calls to secure https.
In theory this will make the board fully secure.
Let's hope it goes that way..

If it all goes squirlee, email me..
 
#2
I am going to enable http > https today.
This will make all calls to non secure http be parsed as calls to secure https.
In theory this will make the board fully secure.
Let's hope it goes that way..

If it all goes squirlee, email me..
Goodman, Guvnor. The recommendation by Google and other big internet giants is that if your are not using HTTPS by mid-year, you will get blacklisted by them. Basically, from July of 2018, any website still serving over HTTP will be named and shamed.

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
 
#4
A quick solution would be to add a mod_rewrite rule in your .htaccess file to capture and automatically rewrite all URLs from HTTP to HTTPS; although a better solution would be to fix this via a server name redirect in your Apache Virtual Hosts (that handles the SSL too).
 

Guvnor

Administrator
Staff member
#5
I think that's the option in the service control panel. Please start a private conversation with me and suggest .htaccess code to try
 
Top