2019-03-08, 10:30 PM
After modifying .htaccess -- too many redirects
I was able to install myBB successfully on my Apache server.
Everything seemed to work OK.
Then after reading about "Setting up HTTPS" (so that all potential avatars and user images will not create a problem in future??), I added the following section to my .htaccess file, as suggested:
#...
RewriteEngine on
#rw-added section below 20190308:::
#see: https://docs.mybb.com/1.8/administration...ity/https/
RewriteCond %{HTTPS} off
# This checks to make sure the connection is not already HTTPS
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Header always set Content-Security-Policy "upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; base-uri 'self'"
Header always set X-Frame-Options "deny"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
#end of rw-added section
After uploading the modified .htaccess file, I got the following error in my browser:
"Safari Can't Open The Page:
Too many redirects occurred trying to open
"https://forums.rmhiherbal.org".
This might occur if you open a page that is redirected to open another page which then is redirected to open the original page.
"
Changing back to original installed .htaccess file restored everything to normal.
Should I worry about this? Or should I disable avatars and user icons, which I understand if they are referenced in http: mode may cause problem, with "Content blocked" on a https connection.
??
I would like to correct the .htaccess file if at all possible.
My modified version of the .htaccess file is attached: htaccess_rwMod.txt
I was able to install myBB successfully on my Apache server.
Everything seemed to work OK.
Then after reading about "Setting up HTTPS" (so that all potential avatars and user images will not create a problem in future??), I added the following section to my .htaccess file, as suggested:
#...
RewriteEngine on
#rw-added section below 20190308:::
#see: https://docs.mybb.com/1.8/administration...ity/https/
RewriteCond %{HTTPS} off
# This checks to make sure the connection is not already HTTPS
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Header always set Content-Security-Policy "upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; base-uri 'self'"
Header always set X-Frame-Options "deny"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
#end of rw-added section
After uploading the modified .htaccess file, I got the following error in my browser:
"Safari Can't Open The Page:
Too many redirects occurred trying to open
"https://forums.rmhiherbal.org".
This might occur if you open a page that is redirected to open another page which then is redirected to open the original page.
"
Changing back to original installed .htaccess file restored everything to normal.
Should I worry about this? Or should I disable avatars and user icons, which I understand if they are referenced in http: mode may cause problem, with "Content blocked" on a https connection.
??
I would like to correct the .htaccess file if at all possible.
My modified version of the .htaccess file is attached: htaccess_rwMod.txt