I had read everyone inputs on how to get SSL up and running but its not completely working either in single join page or whole site.
The whole site works but slower and I get a security warning message on every page visited, also some mods do not work.
I prefer SSL on join, lost password, and admin panel access. These are essential for any social networking site especially the registration and login pages.
The solution from AntonLV works without Captcha but on the join page, the login section does not work, the popup modal login works but I assume this is not going through SSL. With Captcha the image does not show up so the solution does not work and I had tired this too:
function recaptcha_get_html ($pubkey, $error =null, $use_ssl =false)
to read as
function recaptcha_get_html ($pubkey, $error =null, $use_ssl =true
Solution from AntonLV
It is working form me :)
In the .htaccess file right after the line
RewriteEngine on
add the code
RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
RewriteRule "^(join.php.*)$" - [env=whwSecure:https]
#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/$1" [R=301,L]
#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/$1" [R=301,L]
then in the inc/header.inc.php file before the line and change "yoursite.com" with your actual site
$admin_dir = "administration";
insert the code
$aSSLURLs = array(
'/pedit.php',
'/join.php',
'/simg/simg.php',
'/plugins/tiny_mce/tiny_mce_gzip.php',
);
if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) {
$site['url'] = "https://yoursite.com/";
}
I hope collectively, the contributors will have a solution for SSL on registration and login pages.
Thanks!
