so I called them and asked them how to have everyone view the https site and secure lock etc. They said I am now ready but I have to do something in FREEWAY to get this to appear for everyone.
Does anyone know what I have to do in Freeway to make this happen on next upload?
Thanks.
Thinking of and missing Dave!
Barry
freewaytalk mailing list
email@hidden
Update your subscriptions at:
I have a Let’s Encrypt certificate from my webspace provider Superior Host. They use a plug-in in the Cpanel to make it work 100% automatically to generate new certificates before the old ones expire. Mine creates certifications that have variations of my domain already setup. Some with WWW and some without, for example. If that’s what you have, it should be just as seamless for you.
What you said is basically correct about Freeway, but this is what I suggest:
File > Document Setup… > Upload tab
Click in the “Web Address:” field and paste this:
Then click OK. Then save your document.
After that, the fun really begins. I had to write a lot of code in my .htaccess file (saved on my web server) to perform auto redirects to the HTTPS page. You don’t have to do that, but if you don’t, many people will just go to your HTTP page, somewhat defeating the purpose of HTTPS.
–James Wages
freewaytalk mailing list
email@hidden
Update your subscriptions at:
Here’s a block of .htaccess code you can play around with. You can use your cPanel to edit or do like I do and just use Transmit to edit the main .htaccess file at the root of your domain. Backup your old .htaccess file first.
# STRONG HTACCESS PROTECTION
<FilesMatch "^.*.([Hh][Tt][Aa])">
Order allow,deny
Deny from all
Satisfy all
</FilesMatch>
# Do not allow directory listings in-browser
Options -Indexes
# Enable Rewrite feature:
RewriteEngine On
# Send stupid Wordpress hackers back to their own IP!
RewriteCond %{REQUEST_URI} ^(.*)?wp-login.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?(.*)admin(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wordpress$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?joomla$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?bitrix$
RewriteCond %{REQUEST_URI} !^/[0-9]+..+.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}.txt(?: Comodo DCV)?$
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule (.*) http://%{REMOTE_ADDR}/$1 [R=301,L]
# NOTE: R used by itself defaults to R=302 temporary redirect
################[ HTTPS, remove "www" ]################
# Ensure the connection is NOT already HTTPS:
RewriteCond %{HTTPS} on
# Rewrite only on this domain:
RewriteCond %{HTTP_HOST} ^www.hoffkids.com [NC]
# Redirect users from their original location to the same location but using HTTPS.
# EXAMPLE: http://www.example.com/foo/ redirects to https://www.example.com/foo/
RewriteRule ^(.*)$ https://hoffkids.com/$1 [R=301]
##################################################
################[ HTTP -> HTTPS ]################
# Ensure the connection is NOT already HTTPS:
RewriteCond %{HTTPS} !=on
# Rewrite only on this domain:
RewriteCond %{HTTP_HOST} ^(www.)?hoffkids.com [NC]
# Restrict HTTP-to-HTTPS rewrites on port 80 (which is used for HTTP):
RewriteCond %{SERVER_PORT} 80
# Redirect users from their original location to the same location but using HTTPS.
# EXAMPLE: http://www.example.com/foo/ redirects to https://www.example.com/foo/
RewriteRule ^(.*)$ https://hoffkids.com/$1 [R=301]
##################################################
#Fix links-with-anchors that are clicked inside an email:
RewriteRule ^(.*#.*) /$1 [R,NE]
<IfModule mod_speling.c>
CheckSpelling on
</IfModule>
freewaytalk mailing list
email@hidden
Update your subscriptions at:
After that, you’ll need to do the painstaking process of checking every page in your site by clicking the little LOCK icon to the left of your domain in the browser’s address bar on your HTTPS pages. You may get errors and it should tell you the offending graphic or link you need to fix to make everything secure.
Keep in mind that if you use Actions, some of them may be set to HTTP rather than HTTPS and that can cause errors in the browser when you click the little LOCK icon. You have to change everything to HTTPS to eliminate those errors. It took me a long while to accomplish that.
Best wishes,
James Wages
freewaytalk mailing list
email@hidden
Update your subscriptions at:
You can do just that and nothing more. It’s your choice. But to ensure all your web visitors see your HTTPS pages and not your HTTP pages, more work must be done outside Freeway, and that is what my previous posts talk about.
Moving to HTTPS isn’t really that easy. But Godaddy makes it much easier by doing the really hard part for you. Before my web host used a plug-in, I spend hours upon hours in the cPanel forums trying “scripts” to get my HTTPS certificates to even work right and automatically renew. But again, your web host does that for you. It’s just that you now need to decide if you want to allow your web visitors to choose HTTP or HTTPS, or nudge them more strongly to use HTTPS.
Until recently, most sites used HTTP pages for everything except their eCommerce transaction pages. But the trend now is to make Google happy by making ALL your pages HTTPS. You heard me right. Google will give your site a ranking boost if all your pages are HTTPS. That started about a year ago, I believe. Anyway, that’s why I use those REDIRECTS in my .htaccess file.
Don’t worry too much about it. Just study it when you have the time. And if you want to setup the redirects, you can just copy and paste the code I gave you above and see how that works (make a backup of your old .htaccess first). I also added in some fun code to give Wordpress hackers a kick in the pants. If you read through my code, you will see it.
Best,
James Wages
freewaytalk mailing list
email@hidden
Update your subscriptions at:
Since you don’t have any forced REDIRECTS in your .htaccess file right now, the best way to understand what happens is just to test it.
Right now, you can type HTTP to get those pages or type HTTPS to get those pages, correct? It should be so. Now type “hoffkids.com” without any HTTP in front and you will see the HTTP page. After that, make the HTTPS change in Freeway and then upload. Then type “hoffkids.com” and see which page appears (HTTP or HTTPS).
–James Wages
freewaytalk mailing list
email@hidden
Update your subscriptions at:
Not sure about the “/public.html” you mentioned. That sounds a bit strange.
But your test proves what I thought. Without any code in your .htaccess file, there is no automatic redirecting to your HTTPS pages. And so even though your web host has set your site up to use HTTPS, no one will see those pages unless they manually type HTTP in their link, yet no one does that.
Try my domains though…
visionsecurity.jp
Note how only the HTTPS page opens. Go ahead and manually type HTTP in the link now. It still will open HTTPS. And that is what Google wants to see. It took a bit a work, but my hand-coded redirects in .htaccess work.
I don’t want to take all the credit for knowing HOW to code it. I did a lot of Googling to learn how to craft the code, combined with a lot of testing.
So long as you have a backup of your .htaccess file (just copy and paste the text from it into another file), then you are good to go for a test. If something breaks, just copy the text from your backup file, paste it in, and save .htaccess. You will be back in working order right away.
–James Wages
freewaytalk mailing list
email@hidden
Update your subscriptions at:
My site has just migrated to SSL. Home page padlock shows all is OK, but the Exhibeo slideshow is showing the dreaded blue question mark. I have installed the HTTPS Helper and HTTPS CDN Helper actions and it’s still not showing up. Have emptied caches, etc., done a redirect in my .htaccess file. Any thoughts?
freewaytalk mailing list
email@hidden
Update your subscriptions at:
I’m not sure what would have put them into that state but it looks like the
site code is looking for files with the prefix “slideshow_exibid” but the
files all have “exibid” instead, so it’s failing to find the files.
If you use an FTP application to browse the files on your web server, a
quick solution will be to navigate into the Resources folder where you will
find the file “exibid_slide-styles.css” and a number of jpg files starting
“exibid_”. ascap, andrea, awards, tanya, eval, kathyjo, tools and bill.
Rename those to add “slideshow_” to the start of their filenames and the
slideshow will start working.
If you preview in browser from Freeway, you should be able to see if the
slideshow is working correctly (if the filenames have been published
correctly) and go from there. If it does work properly, it may be that
something caused it to not be uploaded properly. If it doesn’t work
properly, that would suggest that the files are being published with the
wrong names, which you might be able to resolve by using File>Publish
Everything.
Simon
On Sat, Apr 13, 2019 at 11:50 PM madcomposter email@hidden wrote:
My site has just migrated to SSL. Home page padlock shows all is OK, but
the Exhibeo slideshow is showing the dreaded blue question mark. I have
installed the HTTPS Helper and HTTPS CDN Helper actions and it’s still not
showing up. Have emptied caches, etc., done a redirect in my .htaccess
file. Any thoughts?
Huge thanks, Simon. Adding slideshow_ to the filenames worked - this must be an Exhibeo bug because that is the program that is attaching the exibid_ prefix to the original filename. The problem remains that every time I upload, I’ll have to change all of these filenames. Do you know of a workaround? Your help is greatly appreciated.
freewaytalk mailing list
email@hidden
Update your subscriptions at: