Enabling HTTPS for Vivid's Store
Permalink 2 users found helpful
I need to make my site HTTPS to comply with Authorize.net. I have not had to do this before, but I believe it had something to do with the .htaccess file.
If that is true how do I need to modify it to make it HTTPS? I am kinda surprised that C5 doesn't have the option to do that in the dashboard or am i just missing it?
Thanks!
If that is true how do I need to modify it to make it HTTPS? I am kinda surprised that C5 doesn't have the option to do that in the dashboard or am i just missing it?
Thanks!
There is a <IfModule mod_rewrite.c> already in the .htaccess for the wordpress site. Can I just start a new one or do I need to include this stuff in the same <IfModule mod_rewrite.c>?
After consulting with Bluehost, they told me I would need to pay an extra $13 a month to secure a addon domain, so we are going to ditch Wordpress and convert to C5 completely.
Thanks guys!
Thanks guys!
Ok I did this as you suggested. It returned a bad certificate. Now I can't get it to stop redirecting to HTTPS!!
Here is the code for my .htaccess file:
Please give me some help here! I removed the code so I am quite confounded as to why it would still be forcing it.
Here is the code for my .htaccess file:
# Use PHP5.4 as default AddHandler application/x-httpd-php54 .php # -- concrete5 urls start -- <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / #force www RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] #normal c5 pretty url handling RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME}/index.html !-f RewriteCond %{REQUEST_FILENAME}/index.php !-f RewriteRule . index.php [L] </IfModule>
Viewing 15 lines of 16 lines. View entire code block.
Please give me some help here! I removed the code so I am quite confounded as to why it would still be forcing it.
The reason it would still be redirecting is that it's your browser caching the redirect.
The R=301 at the end of the RewriteRule is telling the server to make it a 301 permanent redirect. Browsers cache this, so even if you remove it from the htaccess it still does it.
So if you use a different browser, or put your browser into Ingonito/Private browsing mode, you'll probably find it doesn't do the redirect anymore. Or you can clear your browser cache.
The R=301 at the end of the RewriteRule is telling the server to make it a 301 permanent redirect. Browsers cache this, so even if you remove it from the htaccess it still does it.
So if you use a different browser, or put your browser into Ingonito/Private browsing mode, you'll probably find it doesn't do the redirect anymore. Or you can clear your browser cache.
Aha, good to know! Thanks!
http://devphp.net/index.php/php-linux-tips/force-ssl-https-using-htaccess/
Also, you can make a mistake within the dashboard and lock yourself out in some cases. So I think it's easier to just edit the htaccess file, test and then undo if something is not right.
If your site is set up correct to serve the site under https, you should be able to visit it and manually change the url to https:// in the browser.. if that all works correctly, the .htaccess modification is really just to _force_ the site to be accessed that way.
The way that I normally do it is:
After the line:
RewriteEngine On
the lines:
This actually is also important from an SEO point of view, as you don't want your site accessed via both http and https, as that would be seen as duplicate content (or at least that's what I've heard in the past). Here's a complete example .htaccess file if you wanted to force https AND force the www (something else that often needed)
There are lots of different ways to do this (and servers can behave differently), so if the above doesn't help you may need to contact your host for advice.