[For 1.8] Mybb [SSL] Force All Files From Http to Https
#1
This user has been denied support. This user has been denied support.
Use bburl seting+ force to https

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

[Image: Marah.gif]

Done!  Big Grin
Reply
#2
it's good, if you first plug it back copyright MyBB on your website that you remove

   

   
MyBB Indonesia | Facebook Page | Twitter
Bangga Menggunakan MyBB sebagai Forum Core Engine Big Grin
Reply
#3
This user has been denied support. This user has been denied support.
(2016-11-08, 09:04 PM)terzier Wrote: it's good, if you first plug it back copyright MyBB on your website that you remove

ok
Reply
#4
You're missing a LOT of things that are necessary to deploy HTTPS properly. I'm working on a comprehensive guide that I'll be releasing to the MyBB Documentation site soon™, but for now, here's the most important bit IMO:

Remember: an HTTP->HTTPS redirect is inherently insecure and does relatively little to secure your users. You should also send an HSTS header over HTTPS with:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

This will make browsers remember to only connect over HTTPS _before_ any data is sent.

Start the max-age at something low like 86400 (1 day) before you've confirmed that things are 100% ready. Then work your way up to the 1-year value in the snippet. This is the most critical next step.
PGP Key (Fingerprint: 23B6 F4C0 FE2D 45AA 61A0 1E86 DB87 09DC DD87 6E40)
Reply
#5
Removing copyright is a terrible idea to do. All you have to do is add it back and <br /> with your own trademark with it. Smile
Reply
#6
nginx Config with Login Hijacking with https let*s encroyted

you need an full root access not an virtual root and a free oder enhance Account on no-ip

after install HTTP*s you can not visit this Site btw Forum with http://your-domain.excluded

after install only with https://your-domain.excluded
_______________________________
Hostname Information

Hostname:   YOUR DOMAIN
Host Type:     DNS Host Angel

IP Address: of this ROOT
 
Assign to Group: nothing

Enable Wildcard: make this X inside

___________________________________

1) aptitude install git

2) git clone https://github.com/letsencrypt/letsencrypt

3) cd letsencrypt

4) nginx stop

5) ./letsencrypt-auto certonly --webroot -w /PATH/DO/DIR/OF/FORUM  -d DOMAIN DNS A RECORD

5a) cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.stable.old

6) nano /etc/nginx/sites-available/default

http://pastebin.com/H9J3iJtr

6a ) cd /etc/nginx/ &&  dhparam -out dhparams.pem 2048 (you can make 4096bit BUT this need many TIme )

7) /etc/init.d/nginx configtest
-->
[ ok ] Testing nginx configuration:.

8) /etc/init.d/ngingx restart
Reply
#7
This user has been denied support. This user has been denied support.
Awesome
Reply
#8
Better to use DVZ secure plugin Smile
[MyBB 1.8 Czech translation] [MyBB 1.8 plugins]: Prune old PMs + optimize DB plugin --- Thank you/like system
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)