MyBB Community Forums

Let's say someone posted a link like http://example.com can we have a feature that checks if the website has a ssl and auto redirects to https://example.com

While it can be done with PHP, it would be hard to detect whether given website displays correctly (it might also display something completely different).
IMO tinkering with intended content is a bad idea.

(2016-03-02, 06:56 PM)Devilshakerz Wrote: [ -> ]While it can be done with PHP, it would be hard to detect whether given website displays correctly (it might also display something completely different).
IMO tinkering with intended content is a bad idea.

Can we have a option where in the ACP we can turn i t on or off

(2016-03-02, 10:59 PM)LiveChief Wrote: [ -> ]

(2016-03-02, 06:56 PM)Devilshakerz Wrote: [ -> ]While it can be done with PHP, it would be hard to detect whether given website displays correctly (it might also display something completely different).
IMO tinkering with intended content is a bad idea.

Can we have a option where in the ACP we can turn i t on or off

I believe in 1.8.*, all you have to do is change the board url from http://mysite.com to https://mysite.com and it'll be done.

(2016-03-03, 08:33 AM)andrewjs18 Wrote: [ -> ]

(2016-03-02, 10:59 PM)LiveChief Wrote: [ -> ]

(2016-03-02, 06:56 PM)Devilshakerz Wrote: [ -> ]While it can be done with PHP, it would be hard to detect whether given website displays correctly (it might also display something completely different).
IMO tinkering with intended content is a bad idea.

Can we have a option where in the ACP we can turn i t on or off

I believe in 1.8.*, all you have to do is change the board url from http://mysite.com to https://mysite.com and it'll be done.

you also need to redirect all links from http to https no? (if you already have a grown forum with threads that have links to pages on your forum)

Most redirects should be handled by MyBB. If they are not, non-https redirects would be best handled at the htaccess level.

the other issue is proxying images to avoid the mixed content warnings. hopefully mybb 2.0 will introduce an image proxy so sites can be compliant with https.

I agree with Spork985, the redirects are best handled by .htaccess.

This can be easily fixed with a few .htaccess rules to redirect HTTP-addresses to the correct HTTPS-alternatives on the actual webserver itself. I actually don't see any use for a redirect function as the webserver should handle this kind of things. Especially for external pages.

I don't see why it would be up to MyBB to detect if a website uses HTTPS or not.
While you can change http to https, use cURL to send a HEAD request and catch the HTTP response, if 200 then OK if not then leave it at that.

It's expensive (1 request per URL, probably gonna set a timeout in case the HTTPS URL doesn't respond? What appropriate timeout? Probably do a URL caching? What caching technique? etc), requires 1 extra library (cURL), and would probably require a significant amount of time to get things working.

Because what if a website is using an invalid or expired certificate? Would you still consider it worth redirecting to the HTTPS version? And what if a website redirects HTTPS traffic to HTTP? Endless loop?