FreewayTalk

23 replies to this thread. Most Recent

Hoffkids

28 Nov 2017, 7:25 am

[Pro] SSL and Freeway Pro

Hi all,

I have a question about SSL and FREEWAY.

Godaddy emailed me that “Congrats, I now own an SSL certificate” and to view it click…

https://hoffkids.com (notice the https)

but my current URL is…

http://hoffkids.com

so I called them and asked them how to have everyone view the https site and secure lock etc. They said I am now ready but I have to do something in FREEWAY to get this to appear for everyone.

Does anyone know what I have to do in Freeway to make this happen on next upload?

Thanks.

Thinking of and missing Dave!

Barry

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

Hoffkids

28 Nov 2017, 7:31 am

i am wondering if I am simply supposed to do this…

1) In freeway click UPLOAD 2) when that box comes up, change web address from

http://hoffkids.com/

to

https://hoffkids.com/

is that all I have to do? I’ll wait before I screw all up

thanks!

Barry

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

JDW

28 Nov 2017, 8:07 am

Hi Barry,

I have a Let’s Encrypt certificate from my webspace provider Superior Host. They use a plug-in in the Cpanel to make it work 100% automatically to generate new certificates before the old ones expire. Mine creates certifications that have variations of my domain already setup. Some with WWW and some without, for example. If that’s what you have, it should be just as seamless for you.

What you said is basically correct about Freeway, but this is what I suggest:

File > Document Setup… > Upload tab

Click in the “Web Address:” field and paste this:

https://hoffkids.com/

Then click OK. Then save your document.

After that, the fun really begins. I had to write a lot of code in my .htaccess file (saved on my web server) to perform auto redirects to the HTTPS page. You don’t have to do that, but if you don’t, many people will just go to your HTTP page, somewhat defeating the purpose of HTTPS.

—James Wages

Hoffkids

28 Nov 2017, 8:10 am

Thanks James!

will try

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

JDW

28 Nov 2017, 8:15 am

Barry,

Here’s a block of .htaccess code you can play around with. You can use your cPanel to edit or do like I do and just use Transmit to edit the main .htaccess file at the root of your domain. Backup your old .htaccess file first.

    # STRONG HTACCESS PROTECTION
<FilesMatch "^.*.([Hh][Tt][Aa])">
 Order allow,deny
 Deny from all
 Satisfy all
</FilesMatch>

    # Do not allow directory listings in-browser
Options -Indexes

    # Enable Rewrite feature:
RewriteEngine On

    # Send stupid Wordpress hackers back to their own IP!
RewriteCond %{REQUEST_URI} ^(.*)?wp-login.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?(.*)admin(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wordpress$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?joomla$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?bitrix$
RewriteCond %{REQUEST_URI} !^/[0-9]+..+.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}.txt(?: Comodo DCV)?$
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule (.*) <http://%{REMOTE_ADDR}/$1> [R=301,L]

    # NOTE: R used by itself defaults to R=302 temporary redirect

################[ HTTPS, remove "www" ]################
    # Ensure the connection is NOT already HTTPS:
RewriteCond %{HTTPS} on

    # Rewrite only on this domain:
RewriteCond %{HTTP_HOST} ^www.hoffkids.com [NC]

    # Redirect users from their original location to the same location but using HTTPS.
    # EXAMPLE:  <http://www.example.com/foo/> redirects to <https://www.example.com/foo/>
RewriteRule ^(.*)$ <https://hoffkids.com/$1> [R=301]
##################################################


################[ HTTP -> HTTPS ]################
    # Ensure the connection is NOT already HTTPS:
RewriteCond %{HTTPS} !=on

    # Rewrite only on this domain:
RewriteCond %{HTTP_HOST} ^(www.)?hoffkids.com [NC]

    # Restrict HTTP-to-HTTPS rewrites on port 80 (which is used for HTTP):
RewriteCond %{SERVER_PORT} 80

    # Redirect users from their original location to the same location but using HTTPS.
    # EXAMPLE:  <http://www.example.com/foo/> redirects to <https://www.example.com/foo/>
RewriteRule ^(.*)$ <https://hoffkids.com/$1> [R=301]
##################################################

    #Fix links-with-anchors that are clicked inside an email:
RewriteRule ^(.*#.*) /$1 [R,NE]

<IfModule mod_speling.c>
CheckSpelling on
</IfModule>

JDW

28 Nov 2017, 8:18 am

After that, you’ll need to do the painstaking process of checking every page in your site by clicking the little LOCK icon to the left of your domain in the browser’s address bar on your HTTPS pages. You may get errors and it should tell you the offending graphic or link you need to fix to make everything secure.

Keep in mind that if you use Actions, some of them may be set to HTTP rather than HTTPS and that can cause errors in the browser when you click the little LOCK icon. You have to change everything to HTTPS to eliminate those errors. It took me a long while to accomplish that.

Best wishes,

James Wages

Hoffkids

28 Nov 2017, 8:20 am

wow- thanks James!

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

Hoffkids

28 Nov 2017, 8:23 am

James,

this seems crazy.

Why cannot I just change the upload setting in Freeway to https://hoffkids.com/

and be done?

I already know it works when I go there which means Godaddy took care of all right?

I just need to upload to that?

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

JDW

28 Nov 2017, 8:31 am

You can do just that and nothing more. It’s your choice. But to ensure all your web visitors see your HTTPS pages and not your HTTP pages, more work must be done outside Freeway, and that is what my previous posts talk about.

Moving to HTTPS isn’t really that easy. But Godaddy makes it much easier by doing the really hard part for you. Before my web host used a plug-in, I spend hours upon hours in the cPanel forums trying “scripts” to get my HTTPS certificates to even work right and automatically renew. But again, your web host does that for you. It’s just that you now need to decide if you want to allow your web visitors to choose HTTP or HTTPS, or nudge them more strongly to use HTTPS.

Until recently, most sites used HTTP pages for everything except their eCommerce transaction pages. But the trend now is to make Google happy by making ALL your pages HTTPS. You heard me right. Google will give your site a ranking boost if all your pages are HTTPS. That started about a year ago, I believe. Anyway, that’s why I use those REDIRECTS in my .htaccess file.

Don’t worry too much about it. Just study it when you have the time. And if you want to setup the redirects, you can just copy and paste the code I gave you above and see how that works (make a backup of your old .htaccess first). I also added in some fun code to give Wordpress hackers a kick in the pants. If you read through my code, you will see it.

Best,

James Wages

Hoffkids

28 Nov 2017, 8:34 am

Thanks James.

You know that code stuff is way above me but I do want to ask.

If I change in Freeway the document setting to https:

than why would anyone have a choice of http or https? would it not only show the new secure way to them?

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

JDW

28 Nov 2017, 8:51 am

Since you don’t have any forced REDIRECTS in your .htaccess file right now, the best way to understand what happens is just to test it.

Right now, you can type HTTP to get those pages or type HTTPS to get those pages, correct? It should be so. Now type “hoffkids.com” without any HTTP in front and you will see the HTTP page. After that, make the HTTPS change in Freeway and then upload. Then type “hoffkids.com” and see which page appears (HTTP or HTTPS).

—James Wages

Hoffkids

28 Nov 2017, 8:53 am

ok- was just worried i would screw up the site by changing that setting and then uploading.

you know how that goes…

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

Hoffkids

28 Nov 2017, 8:55 am

i don’t need to change directory in Freeway settings do I?

it now says…

/public.html

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

Hoffkids

28 Nov 2017, 8:56 am

right now no one ever types anything but hoffkids.com .

no one types http or https or anything else.

going for it…

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

Hoffkids

28 Nov 2017, 9:02 am

did it and you were right

nothing changed.

when you type in hoffkids.com it still shows the non secure one which means that just because godaddy did that I was not finished I guess.

holding off for now.

thanks!!

Long Island, New York, USA

MacBook Pro | Yosemite | FW Pro 6.1 (FW user since Dec 2011)

http://www.Hoffkids.com

JDW

28 Nov 2017, 9:10 am

Not sure about the “/public.html” you mentioned. That sounds a bit strange.

But your test proves what I thought. Without any code in your .htaccess file, there is no automatic redirecting to your HTTPS pages. And so even though your web host has set your site up to use HTTPS, no one will see those pages unless they manually type HTTP in their link, yet no one does that.

Try my domains though…

visionsecurity.jp

kiramek.com

Note how only the HTTPS page opens. Go ahead and manually type HTTP in the link now. It still will open HTTPS. And that is what Google wants to see. It took a bit a work, but my hand-coded redirects in .htaccess work.

I don’t want to take all the credit for knowing HOW to code it. I did a lot of Googling to learn how to craft the code, combined with a lot of testing.

So long as you have a backup of your .htaccess file (just copy and paste the text from it into another file), then you are good to go for a test. If something breaks, just copy the text from your backup file, paste it in, and save .htaccess. You will be back in working order right away.

—James Wages

madcomposter

13 Apr 2019, 10:50 pm

My site has just migrated to SSL. Home page padlock shows all is OK, but the Exhibeo slideshow is showing the dreaded blue question mark. I have installed the HTTPS Helper and HTTPS CDN Helper actions and it’s still not showing up. Have emptied caches, etc., done a redirect in my .htaccess file. Any thoughts?

madcomposter

13 Apr 2019, 10:57 pm

URL: https://songdoor.com

Simon Manning

14 Apr 2019, 9:19 am

I’m not sure what would have put them into that state but it looks like the site code is looking for files with the prefix “slideshow_exibid” but the files all have “exibid” instead, so it’s failing to find the files.

If you use an FTP application to browse the files on your web server, a quick solution will be to navigate into the Resources folder where you will find the file “exibid_slide-styles.css” and a number of jpg files starting “exibid_”. ascap, andrea, awards, tanya, eval, kathyjo, tools and bill.

Rename those to add “slideshow_” to the start of their filenames and the slideshow will start working.

If you preview in browser from Freeway, you should be able to see if the slideshow is working correctly (if the filenames have been published correctly) and go from there. If it does work properly, it may be that something caused it to not be uploaded properly. If it doesn’t work properly, that would suggest that the files are being published with the wrong names, which you might be able to resolve by using File>Publish Everything.

Simon

On Sat, Apr 13, 2019 at 11:50 PM madcomposter <[email protected]> wrote:

My site has just migrated to SSL. Home page padlock shows all is OK, but the Exhibeo slideshow is showing the dreaded blue question mark. I have installed the HTTPS Helper and HTTPS CDN Helper actions and it’s still not showing up. Have emptied caches, etc., done a redirect in my .htaccess file. Any thoughts?

madcomposter

14 Apr 2019, 11:32 am

Huge thanks, Simon. Adding slideshow_ to the filenames worked - this must be an Exhibeo bug because that is the program that is attaching the exibid_ prefix to the original filename. The problem remains that every time I upload, I’ll have to change all of these filenames. Do you know of a workaround? Your help is greatly appreciated.

Simon Manning

14 Apr 2019, 12:33 pm

I can’t repeat the problem myself but I see that the code on your page has a slightly different format, which might suggest differing versions. You might just need to update Exhibeo if you’re not already on the latest version and then install the latest version of the Freeway Action from the Help menu in Exhibeo.

If you did need to update Exhibeo, you might need to export your gallery again as well. If not, just install the latest version of the Action and you shouldn’t need to export again.

Simon

On Sun, Apr 14, 2019 at 12:32 PM madcomposter <[email protected]> wrote:

Huge thanks, Simon. Adding slideshow_ to the filenames worked - this must be an Exhibeo bug because that is the program that is attaching the exibid_ prefix to the original filename. The problem remains that every time I upload, I’ll have to change all of these filenames. Do you know of a workaround? Your help is greatly appreciated.

madcomposter

14 Apr 2019, 12:50 pm

I used Exhibeo 2 and the latest action. Republishing just creates another set of slideshow files with the incorrect exibid_ prefix, so as long as there is a set with the full prefix in the Resources folder, the slideshow works. Can’ thank you enough for spotting the issue.

Simon Manning

14 Apr 2019, 2:16 pm

It’s a bit of a strange one, in that case. Exhibeo prefixes the image names with the gallery ID and an underscore, “exibid_” by default, and it doesn’t allow underscores in that ID. The Freeway Action then takes those filenames directly, so I’m not really sure where the “slideshow_” prefix is coming from.

I can see that the item in Freeway is called slideshow, so I think it’s the Action adding that prefix to the code but I’m not sure why or why it’s not also renaming the files.

You could also try nudging the Exhibeo Action item right, then back again (just select the item, then press the right arrow key, then left arrow key) so that Freeway thinks it has changed and republishes it. Sometimes Freeway can cache Action information and doesn’t republish properly until it thinks the item itself has changed.

Simon

On Sun, Apr 14, 2019 at 1:50 PM madcomposter <[email protected]> wrote:

I used Exhibeo 2 and the latest action. Republishing just creates another set of slideshow files with the incorrect exibid_ prefix, so as long as there is a set with the full prefix in the Resources folder, the slideshow works. Can’ thank you enough for spotting the issue.

Back to Top

madcomposter

14 Apr 2019, 2:25 pm

I did as you suggested but it’s still uploading the slideshow image files with the exibid_ prefix. I’ll figure it out someday … for now it’s working with the manually edited image filenames.