MyBB Community Forums

MyBB Community Forums > Resources > Tutorials > Mybb [SSL] Force All Files From Http to Https
Full Version: Mybb [SSL] Force All Files From Http to Https
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

cybernetwebdesign

2016-11-01, 04:46 AM
Use bburl seting+ force to https

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

[Image: Marah.gif]

Done!  Big Grin

terzier

2016-11-08, 09:04 PM
it's good, if you first plug it back copyright MyBB on your website that you remove

[attachment=37765]

[attachment=37766]

cybernetwebdesign

2016-11-08, 09:58 PM
(2016-11-08, 09:04 PM)terzier Wrote: [ -> ]it's good, if you first plug it back copyright MyBB on your website that you remove

ok

Josh H.

2016-11-11, 03:59 AM
You're missing a LOT of things that are necessary to deploy HTTPS properly. I'm working on a comprehensive guide that I'll be releasing to the MyBB Documentation site soon™, but for now, here's the most important bit IMO:

Remember: an HTTP->HTTPS redirect is inherently insecure and does relatively little to secure your users. You should also send an HSTS header over HTTPS with:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

This will make browsers remember to only connect over HTTPS _before_ any data is sent.

Start the max-age at something low like 86400 (1 day) before you've confirmed that things are 100% ready. Then work your way up to the 1-year value in the snippet. This is the most critical next step.

Phun

2016-11-25, 11:01 PM
Removing copyright is a terrible idea to do. All you have to do is add it back and <br /> with your own trademark with it. Smile

MrDoob

2016-12-04, 02:38 PM
nginx Config with Login Hijacking with https let*s encroyted

you need an full root access not an virtual root and a free oder enhance Account on no-ip

after install HTTP*s you can not visit this Site btw Forum with http://your-domain.excluded

after install only with https://your-domain.excluded
_______________________________
Hostname Information

Hostname:   YOUR DOMAIN
Host Type:     DNS Host Angel

IP Address: of this ROOT
 
Assign to Group: nothing

Enable Wildcard: make this X inside

___________________________________

1) aptitude install git

2) git clone https://github.com/letsencrypt/letsencrypt

3) cd letsencrypt

4) nginx stop

5) ./letsencrypt-auto certonly --webroot -w /PATH/DO/DIR/OF/FORUM  -d DOMAIN DNS A RECORD

5a) cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.stable.old

6) nano /etc/nginx/sites-available/default

http://pastebin.com/H9J3iJtr

6a ) cd /etc/nginx/ &&  dhparam -out dhparams.pem 2048 (you can make 4096bit BUT this need many TIme )

7) /etc/init.d/nginx configtest
-->
[ ok ] Testing nginx configuration:.

8) /etc/init.d/ngingx restart

cybernetwebdesign

2017-10-25, 04:41 AM
Awesome

Eldenroot

2017-10-25, 10:11 AM
Better to use DVZ secure plugin Smile
MyBB Community Forums > Resources > Tutorials > Mybb [SSL] Force All Files From Http to Https