Looks like you've got JavaScript disabled in your browser - you'll get a better site experience if you enable JavaScript

Move from http to https

The Jamroom Network » Forum » Installation and Configuration » Page » Move from http to https

MAD
@madc
10 years ago
600 posts

Ok we have installed an ssl certificate and I have done a .htaccess redirect to send all http traffic to https.
Problem is we have a lot of stuff already in the databse that is set as http and the cert is either blocking it or coming up with not secure on some pages that have this info.

How do we change everything from http to https?
DB Query going to break the site if we do it DB wide?

PS also all our FB link backs are now broken
They now link to address like
https://www.punkbandpromotions.com/modules/jrCore/router.php?_uri=the-theadora-kelly-project

--
~ https://punkbandpromotions.com ~
Check us out for all your Punk/Alternative Music!
Check us out on Facebook:- https://facebook.com/PunkBandPromotion

updated by @madc: 04/25/14 09:42:32PM

@brian
10 years ago
10,148 posts

You've set something wrong in your .htaccess file then - you should never see URLs like that (pointing to the router). You should be able to redirect all non-SSL traffic to SSL with something like this in your .htaccess file:

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Let me know if that helps, or show me what you are using.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

MAD
@madc
10 years ago
600 posts

ok thats what I had but it was below the core in htaccess
All working fine now

So anyway of mass fixing http files in the database as they are showing in the URL that its insecure as it has http links on the page

eg https://www.punkbandpromotions.com/vimeo_videos

Edit: Looks like the vimeo images in the source
Found this
http://vimeo.com/forums/api/topic:17127
Scroll to bottom. 4 Years??

--
~ https://punkbandpromotions.com ~
Check us out for all your Punk/Alternative Music!
Check us out on Facebook:- https://facebook.com/PunkBandPromotion

updated by @madc: 03/18/14 09:33:45AM

@brian
10 years ago
10,148 posts

The .htaccess rule should handle any "embedded" URLs in the page (those are not what cause a browser warning). What you want to do is make sure any images/javascript in your templates are using https instead of http - otherwise those will cause the browser warning. All of the "default" JR URLs will automatically adjust to https, so make sure you have reset cache so your pages can be rebuilt, but any 3rd party JS you've manually added to a template will need to be updated in the template.

Let me know if that helps.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

MAD
@madc
10 years ago
600 posts

Thanks @brian but for example the only thing is making this page
https://www.punkbandpromotions.com/vimeo_videos/by_ratings
not validate as secure is the vimeo image
( check the source )

It is this line

 <img src="http://b.vimeocdn.com/ts/106/613/106613452_640.jpg" class="iloutline img_scale">

As that is retrieved from Vimeo I have no idea how to get it to revert to https

--
~ https://punkbandpromotions.com ~
Check us out for all your Punk/Alternative Music!
Check us out on Facebook:- https://facebook.com/PunkBandPromotion

@brian
10 years ago
10,148 posts

Ahh - that is the $vimeo_artwork_url key form the DS. That really should be updated "on the fly" if the site is running in SSL. Let me check that out and see if I can get that fixed.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

@brian
10 years ago
10,148 posts

OK checking this out and I'm not seeing that Vimeo even has SSL available for their artwork. This is the image:

http://b.vimeocdn.com/ts/106/613/106613452_640.jpg

but this loads untrusted:

https://b.vimeocdn.com/ts/106/613/106613452_640.jpg

I've been digging around to see if they maybe offer a different CDN for SSL artwork, but so far no luck. I've also noticed that if you try to load a video over SSL it redirects to non-SSL, so we may be stuck with non-SSL images for Vimeo.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

@brian
10 years ago
10,148 posts

Nevermind I got it - I'll get a event listener in to the module that will change them on the fly.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

@brian
10 years ago
10,148 posts

OK check out version 1.0.6 of the Vimeo module - update, reset cache and let me know if that works - I don't actually have Vimeo setup here but it should work.

Let me know.

Thanks!

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

MAD
@madc
10 years ago
600 posts

That worked for the Vimeo menu page where the problem was occurring.
Seems like some artists vimeo pages are hiccuping though

eg
https://www.punkbandpromotions.com/the-pale-faces/vimeo/15/the-pale-faces-no-more-kisses
Fails SSL

yet
https://www.punkbandpromotions.com/subtitles/vimeo/9/subtitles-i-am-an-animal
Passes

Any ideas?

--
~ https://punkbandpromotions.com ~
Check us out for all your Punk/Alternative Music!
Check us out on Facebook:- https://facebook.com/PunkBandPromotion

@brian
10 years ago
10,148 posts

There are no non-https links in that page from Jamroom (it's not the Vimeo image - that's being included properly) - the only thing I can think is that one of javascripts is pulling in an image or resource over http. I'll see if I can spot it.

EDIT: It's not an image - we can clearly see all the images are loading over https:

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
updated by @brian: 03/19/14 06:43:05AM

@brian
10 years ago
10,148 posts

OK the "bad" URL is actually a redirect on Vimeo's part to stream the video - i.e. on this page:

https://www.punkbandpromotions.com/the-pale-faces/vimeo/15/the-pale-faces-no-more-kisses

the embedded vimeo is pulling the stream from:

http://pdl.vimeocdn.com/09909/860/147108770.mp4?token2=1395237695_b9a58849d81896f73273b53fff139c86&aksessionid=6deb50829887dbf1&aktimeoffset=0

I'm not sure if there is any way for us to "tell" vimeo to pull from https, but I can check it out.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

@brian
10 years ago
10,148 posts

Unfortunately it looks like Vimeo is doing this as a redirect on their end - everything JR is doing is SSL, but the actually stream for Vimeo is coming from their non-ssl server.

I don't see any way to influence this behavior either.

--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

iLoveHouseMusic
@ilovehousemusic
10 years ago
517 posts

What if, upon import Jamroom saves and/or caches the image to the JR server, aka a location that is already https?
updated by @ilovehousemusic: 03/20/14 09:33:53AM

iLoveHouseMusic
@ilovehousemusic
10 years ago
517 posts

Wait Nevermind I see you mentioned it's the stream URL...

Tags

Scroll