HTTPS how easy to setup?

Google and Firefox are planning to deprecate non secure sites that use http. Google are also talking about lowering the search rankings of non secure sites.

How can I use https on my Dolphin and non-dolphin websites?

Any and all advice would be gratefully received!

Stuart

There are none so blind as those that will not see.
Quote · 2 May 2015

To be clear, that deprecation issue is a long ways off. But Dolphin does currently work with HTTPS, but it's a bit spotty at the moment. You'll need to edit /inc/header.inc.php and update the URL and the header redirect lines, as both use hard-coded HTTP. The Flash apps may also require some hacks to work.

 

These should be fixed in Dolphin 7.2 - the header issue is already fixed in Trac.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 2 May 2015

So we can't simply set up an SSL certificate, if we do something will break?

Quote · 2 May 2015

When I did my D7.0.9 site a few years ago, I used the search tool in Dreamweaver to check for every instance of "http" in the code files and where appropriate I changed it to "https".  Make sure you back everything up.  It didn't take that long as I remember but don't rush it... you'll need to take a good look at the code to ensure you're only making "http" > "https" changes where you need to.  Then use a browser tool to check for insecure pages... Firefox (Chrome?) has an extension you can add that does the task very well.

http://pkforum.dolphinhelp.com
Quote · 2 May 2015

As Nathan pointed out, all you need is to do the following changes in inc/header.inc.php file:

...
$site['url']               = "https://you-dolphin-site.com/";
...
if ( isset($_SERVER['HTTP_HOST']) and 0 != strcasecmp($_SERVER['HTTP_HOST'], $aUrl['host']) and 0 != strcasecmp($_SERVER['HTTP_HOST'], $aUrl['host'] . ':80') ) {
    header( "Location:https://{$aUrl['host']}{$_SERVER['REQUEST_URI']}" );
    exit;
}
...

and install SSL certificate for you site

Rules → http://www.boonex.com/terms
Quote · 3 May 2015

Done the changes to the header.inc but the SSL lock shows only in main page and in the admin area but not in Join.php and not inside the site , so what i doing wrong please ? i want to enforce the ssl on whole site !

Proud Hosted by Zarconia.net
Quote · 26 May 2015

Did you clear all caches after the change ? 

Done the changes to the header.inc but the SSL lock shows only in main page and in the admin area but not in Join.php and not inside the site , so what i doing wrong please ? i want to enforce the ssl on whole site !

 

Rules → http://www.boonex.com/terms
Quote · 26 May 2015

Yep done that , my host said that in some pages has outsider resources on the page ! For example in join.php i had deano facebook but it was starting with http , so changed that to https and the ssl lock shows now in join.php but do i have to do all of this to everypage in dolphin that has an outside thing , that will be crazy lol, is there a way to not do it manually !

Proud Hosted by Zarconia.net
Quote · 26 May 2015

One more thing when activating https on my site, all youtube video stops working ! if i want the youtube video to work for example in my firefox browser i have to disactivate the ssl protection then i can view the video ! anyway to work this out !

Proud Hosted by Zarconia.net
Quote · 26 May 2015

Please make sure that you are using the latest 7.1.5 version, old versions had http hardcoded in some places.

Rules → http://www.boonex.com/terms
Quote · 26 May 2015

I'm using latest version man !

I'll give you an example, when i switched my site to https , youtube stop working , so i had to follow this instruction to make it work with https check it out : ( Man dolphin needing lot of work ) i'm telling you.

On modules/boonex/videos/classes/BxVideosConfig.php - you can try changing:

 

if(!defined("YOUTUBE_VIDEO_PLAYER"))
            define("YOUTUBE_VIDEO_PLAYER", '<object width="100%" height="344" style="display:block;"><param name="movie" value="https://www.youtube.com/v/#video#&rel=0&color1=0xb1b1b1&color2=0xcfcfcf&feature=player_embedded&fs=1#autoplay#&iv_load_policy=3&showinfo=0"></param><param name="allowFullScreen" value="true"></param><param name="wmode" value="#wmode#"></param><embed src="https://www.youtube.com/v/#video#&rel=0&color1=0xb1b1b1&color2=0xcfcfcf&feature=player_embedded&fs=1#autoplay#&iv_load_policy=3&showinfo=0" type="application/x-shockwave-flash" allowfullscreen="true" width="100%" height="344" wmode="#wmode#"></embed></object>');
        if(!defined("YOUTUBE_VIDEO_EMBED"))
            define("YOUTUBE_VIDEO_EMBED", '<object width="425" height="344" style="display:block;"><param name="movie" value="https://www.youtube.com/v/#video#&rel=0&color1=0xb1b1b1&color2=0xcfcfcf&feature=player_embedded&fs=1#autoplay#"></param><param name="allowFullScreen" value="true"></param><param name="wmode" value="#wmode#"></param><embed src="https://www.youtube.com/v/#video#&rel=0&color1=0xb1b1b1&color2=0xcfcfcf&feature=player_embedded&fs=1#autoplay#" type="application/x-shockwave-flash" allowfullscreen="true" width="425" height="344" wmode="#wmode#"></embed></object>');

 

After done do changes youtube works fine now , so this doesn't exist in 7.1.5 version !

Proud Hosted by Zarconia.net
Quote · 26 May 2015

Thank you for pointing this out, I've checked in dev version and it's fixed there already:

http://www.boonex.com/trac/dolphin/ticket/3507

After done do changes youtube works fine now , so this doesn't exist in 7.1.5 version !

 

Rules → http://www.boonex.com/terms
Quote · 30 May 2015

dolphin works great with https - besides making the already mentioned changes to the /inc/header.inc.php file - you must also add this to your .htaccess file:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

caredesign.net
Quote · 30 May 2015

Got all of that thanks, i'm using mod evowall and when i post a link with http on it , the SSL lock next to https turn to grey and i know cause of displaying an outsider link , but is this normal ? for example in facebook even if you post an http link the Lock stay next to https and it never go into warning mode...

is there a way to sort this out ?

Proud Hosted by Zarconia.net
Quote · 30 May 2015

I think you need to contact author of this mod 

Got all of that thanks, i'm using mod evowall and when i post a link with http on it , the SSL lock next to https turn to grey and i know cause of displaying an outsider link , but is this normal ? for example in facebook even if you post an http link the Lock stay next to https and it never go into warning mode...
is there a way to sort this out ?

 

Rules → http://www.boonex.com/terms
Quote · 7 Jun 2015

Alex sometimes we have to figure out things ourselves lol, sorted half of it in evowall, still sorting some > but thanks :)

Proud Hosted by Zarconia.net
Quote · 7 Jun 2015

Somehow I can't seem to fix the youtube issue.

Tried changing the url's to https, but no result.
Also tried clearing the caches...

Any ideas? 

Quote · 24 Aug 2015

Fixed by my host: Zarconia :)

Changed something in TinyMCE.

Quote · 24 Aug 2015

 After I made the necessary changes as stated in this post;

 

I also had to make the following changes to banners and any image that was located externally to the page was https://, for example; Quantcast Traffic Measuring had to be changed from a http:// link to https:// and then checked the external source was https ready too.

 

Bit of a pain but now the whole site is fully SSL now.

 

Cheers for the posts on here :)

 

dolphin works great with https - besides making the already mentioned changes to the /inc/header.inc.php file - you must also add this to your .htaccess file:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

 

Quote · 29 Nov 2015

These situations on Apache are best handled by the redirect directive on the http / port 80 virtual host and not the .htaccess

<VirtualHost *:80> 
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com
</VirtualHost>
Quote · 29 Nov 2015

 

As Nathan pointed out, all you need is to do the following changes in inc/header.inc.php file:

...
$site['url']               = "https://you-dolphin-site.com/";
...
if ( isset($_SERVER['HTTP_HOST']) and 0 != strcasecmp($_SERVER['HTTP_HOST'], $aUrl['host']) and 0 != strcasecmp($_SERVER['HTTP_HOST'], $aUrl['host'] . ':80') ) {
    header( "Location:https://{$aUrl['host']}{$_SERVER['REQUEST_URI']}" );
    exit;
}
...

and install SSL certificate for you site

 spasibo

Quote · 27 Mar 2016

Im thinking of leaping on the SSL ship as well, with 7.3

 

Are there any more bugs or things to pay careful attention to in order to NOT screw anything up?

 

I think I heard that SSL slows site speed, so I would like to ask is it a major decrease in site speed or barely noticeable?

Ultra Newb reporting for duty.
Quote · 27 Mar 2016

Same two questions as JUN10R.

Quote · 27 Mar 2016

1. There are no any know problems with https in 7.3 version

2. On modern equipment it's hardly noticed, but establishing connection could slow down site opening for a second or two if there is slow ping (500-1000ms).

1. Are there any more bugs or things to pay careful attention to in order to NOT screw anything up?


2. I think I heard that SSL slows site speed, so I would like to ask is it a major decrease in site speed or barely noticeable?

 

Rules → http://www.boonex.com/terms
Quote · 28 Mar 2016

 Thank you kind sir!

1. There are no any know problems with https in 7.3 version

2. On modern equipment it's hardly noticed, but establishing connection could slow down site opening for a second or two if there is slow ping (500-1000ms).

1. Are there any more bugs or things to pay careful attention to in order to NOT screw anything up?


2. I think I heard that SSL slows site speed, so I would like to ask is it a major decrease in site speed or barely noticeable?

 

 

Ultra Newb reporting for duty.
Quote · 28 Mar 2016

The hit in speed comes from the encryption of the page; it has to be encrypted before the webserver sends it out on the net.  I don't know what Google (it is all about the money) is planning on doing but the only parts of a site that needs to be encrypted is sensitive data; do we really need to secure that kitten video?  I know that YouTube is now https and that really is silly; what sensitive data is in that kitten video?

Geeks, making the world a better place
Quote · 19 Apr 2016

Unless Google is sending someone over 10,000 new visitors a day, I don't understand why small-time webmasters let themselves get dictated to by a corporate giant?

Concentrate on website content and the people will get you noticed.

Michel on Meta-Travel.com

TravelNotes.org - The Online Guide to Travel
Quote · 20 Apr 2016

I edited the header.inc.php and got the error message with a red line around it:

Something went wrong! Please try reloading the page.

reverting back to the original file and the same error message is there, both in the main page and the admin. I deleted the cache, still there.
Anyone have any idea what I did wrong?

Quote · 31 Oct 2019

 

I edited the header.inc.php and got the error message with a red line around it:

Something went wrong! Please try reloading the page.

reverting back to the original file and the same error message is there, both in the main page and the admin. I deleted the cache, still there.
Anyone have any idea what I did wrong?

Yes, very useless message.  Boonex decided to change the database error message but instead of saying something useful; such as "There was a database error; contact the site administrators" we get the message about refreshing the page which won't solve the issue.

You can turn on full error reporting; that changed as well so I would have to look it up to tell you where; if you need it I will hunt for it.  However, usually if you have error reporting email set up when you installed Dolphin, it should have sent the database error message to that email address.  If you don't understand the error message then you can post the first part of it here; don't do the full backtrace, and we can help.

Geeks, making the world a better place
Quote · 31 Oct 2019

Thanks, Geek Girl. I ended up deleting these files and reinstalling, ran into the problem I described in the other post but solved it by deleting a few lines in the htaccess file referring to php5.

Quote · 3 Nov 2019
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.