Jump to content

http > https


marklcfc

Recommended Posts

18 minutes ago, opentype said:

Because http://something.com and https://something.com are completely different addresses. Your browser isn’t supposed to share login data across different addresses. That would be a huge security risk. 

Ok, but still, after I'd logged back in on https and logged out again, my login details were still not there. On any other website, secure or not, my login details are saved if I need to log back in.

When I switched back to http, it worked as it should. So not sure if there is an issue somewhere preventing it working right.

Link to comment
Share on other sites

  • Replies 56
  • Created
  • Last Reply
14 minutes ago, marklcfc said:

Ok, but still, after I'd logged back in on https and logged out again, my login details were still not there. On any other website, secure or not, my login details are saved if I need to log back in.

So everything is set to automatically save via your password manager (built-in browser or otherwise)?

Link to comment
Share on other sites

Great discussion!

I've been thinking about converting to https too and the more I think about it there is really no (good) reason for me not to. The only issue I see is updating any content that points to http, but since I use relative URL's for the most part I should be good.

Hope I'm not jinxing myself lol.

Link to comment
Share on other sites

3 minutes ago, marklcfc said:

I've followed this guide but when viewing source I still have 86 instances of http://, mostly http://schema.org/ links

When checking other websites, including this one, you only have 5. So what do I do here?

You need to deliver all your site resource via https. That’s all. It doesn’t mean that external content can be linked or referenced via http. 

Link to comment
Share on other sites

1 minute ago, opentype said:

You need to deliver all your site resource via https. That’s all. It doesn’t mean that external content can be linked or referenced via http. 

Ok, what about when someone posts an image from photobucket for example? As I have found that site isn't secure then it makes the topic it's posted in not secure

Link to comment
Share on other sites

Just now, marklcfc said:

Ok, what about when someone posts an image from photobucket for example? As I have since found, that site isn't secure then it makes the topic it's posted in not secure

Yes, embedded content needs to be served over SSL when your site is delivered over SSL. 

Link to comment
Share on other sites

Since making the switch to https, what other changes do I need to make outside of the forum software?

I notice I have 800+ guests online, is google going to be scanning the site from scratch again now?

Do I need to change my site in webmaster tools, update analytics, etc? 

Link to comment
Share on other sites

8 minutes ago, marklcfc said:

what other changes do I need to make outside of the forum software?

Did you add any code to redirect all visits to HTTPS? I assume you are using the full settings.

9 minutes ago, marklcfc said:

is google going to be scanning the site from scratch again now?

No, it's done automatically for three of my sites its been almost instant.

9 minutes ago, marklcfc said:

Do I need to change my site in webmaster tools, update analytics, etc?

Google threw me errors after I switched, I had to change the URL to HTTPS, instead of HTTP - I assume you will have to do the same. Check your console because it will report errors and provide you with actions from the messages they send to it.

I would suggest you give things like Awstats 24 hours to update, don't panic if the HTTP still registers visits - mine seems to show the same data as the HTTPS.

Link to comment
Share on other sites

1 minute ago, Joey_M said:

Did you add any code to redirect all visits to HTTPS? I assume you are using the full settings.

No, it's done automatically for three of my sites its been almost instant.

Google threw me errors after I switched, I had to change the URL to HTTPS, instead of HTTP - I assume you will have to do the same. Check your console because it will report errors and provide you with actions from the messages they send to it.

I would suggest you give things like Awstats 24 hours to update, don't panic if the HTTP still registers visits - mine seems to show the same data as the HTTPS.

I just followed the link posted in the second post, changing the url from http to https. It appears to be working..

In analytics I changed the url in property - default url from http to https in the dropdown. Are there any other changes in analytics that need to be made? Or should I have even created a new one? It would help if I knew what I was doing really :lol:

Same for webmaster tools, my site in there is setup as a http site.

Link to comment
Share on other sites

5 minutes ago, marklcfc said:

Are there any other changes in analytics that need to be made? Or should I have even created a new one?

I haven't had to change anything with Google's analytics, the data is working fine - I would suggest you look if your visits match up.

Don't create a new one, you'll lose important data (if you see stats as this).

--

htaccess guide here - https://www.siteground.com/kb/how-to-force-ssl-with-htaccess/

(You may not need the above but I prefer to be safe than sorry in terms of http still attracting visits etc)

Link to comment
Share on other sites

Quote

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

That's what my hosts suggested initially, I wasn't sure whether the Invision guide would be enough either though.

Anyone have any idea about webmaster tools? Do I need to add a new site in there now?

And signatures linking to photobucket and the like?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...