In my recent workings with dolphin I find that is has lots of htaccess within it. Now here is my question, I have a site that is https:// so what I would like to know do all htaccess records within dolphin get modified as well?

I've learned how to force SSL into overdrive with htacess, but considering dolphin has lots of htaccess records within it, it is a little harder to force https:// 

Also what will be the effects of changing all htacces record within dolphin? will it still function?

hello,

you managed to solve the problem of the ssl certificate?

if you could you help me figure out how to please

I see that your were working to have https:// web site, My Questions is for you have you figured out how to make it happen? I will tell you it does take allot of wor and time to change your site over to a https:// site, because you have to go into the script and change the http:// to https:// manually, plus add code to your htaccess.

Dolphin is not an easy script to edit since you have to edit every folder and file manually through cpanel to make dolphin https:// Your looking at evry bot of 20-30hours of work just editing the script. Also if you have a site that has members already your looking at more time plus you will have to limit them form adding that http:// to and content of your site,. Otherwise you will have SSL issues.

i think i will explore this one. most of the htaccess files dont even have anything in them, they are there to protect the dir. 

yall wanna divvy up for a cheap cert

would be very useful to have an easy solution for browsing all set to https.

would be best for the future of dolphin :-)

 http://www.cheapssls.com/?gclid=CJOL9PnTqrECFQmd7QodSEMAJw

 $6.00 cert

let me know, i will put the time in and see what we can actually secure and what we cant

I have a site with a dolphin on rootbaron if you are super happy.

of course I contribute.

the goal is to have the complete navigation of ssl certificate.

I have 3 Dolphin sites with SSL and am interested in learning more about improving the setup for https sites... thank you for starting and contributing to this thread.

I think the ability to set the ssl certificate should be integrated within the basic default settings dolphin

 yes i am going to have to say i agree with you on needing to be able to enable or disable SSL from admin. 

 i am going try a few things, once we acquire a cert, one being that i want to look at modifying everything from /etc/httpd/conf/

setting the cert in a file of its own with the modification of the virtualhost, providing the server alias's in the vhost 

i feel confident that we can get dolphin to run on SSL, now granted, just so all knows who is reading this, this is not an option if you are on shared hosting, also, you will need a dedicated IP for the cert.

 fully agree, I'm using a shared hosting at the moment because it seems unnecessary to spend money to make simple settings in the template.

Obviously being in Europe dedicated to just pass ready because I firmly believe that the best option.

I emphasize that I obviously chose the solution because rootbaron are the only known dolphin lunge system and thus have the possibility to optimize the space. not to mention the fact that the value for money service has no terms of comparison with the great hosting! This is a must for anyone who uses dolphin

are very interested ssl application directly from the control panel, the 7.1 course.

for me the 7.0.9 is too antiquated to be able to make a web site competition.

of course my opinion is not the opinion of an expert programmer but a customer who takes care of marketing and communications

online.

Accept my cert and view site.. 

https://mynewbeetle.net/7.1/index.php

the practice of the ssl certificate is a very delicate practice.

obtain and install a certificate wild world is not in a hurry

but also quite expensive $ 250 years or so.

before obtaining the certificate must submit documentation of the company

and only then you will be issued a certificate that provides a certain period of time to get it. Obviously there are many certificates.

This also requires that the structure of the site is ready to install the certificate on the server side. see facebook - google - etc. etc.

of course not just change http https with a simple script and then install the certificate purchased.

I'm not a technical course of ssl certificates and is not likely to be right 100%

Also forgot to say that the practice of certification also provides a recorded check the header of the Internet domain and server.

As you can imagine there are different types of certificates.

the fact remains that getting a certificate of high level is a real practice is not only a change customized

OK, now I hate to ask.

I really don't know the reasons behind having an SSL site other than

• store transactions
• and the ability to make the site work in Facebook Apps

What am I missing here? DosDawg, the site you posted above has many types of accounts. I never knew there were this many.

Can someone explain in a layman's terms the differences please.

@Zugul, were you able to view the site in https? 

the extension is visible https

but the browser returns a notice of safety hazard

 it will, it is a self signed cert.

so are you able to login in and use the site, despite the warning

certified because the navigation takes 3 parts and not 2

1 web site

2 the user

3 the Supervisor Controller

that's why in addition to being prepared on site must also complete and submit the correct documentation to sponsor controller.

company name

information society

current utility bill addressed to the owner must pay + dall'intestatario from the certificate.

There are of course vary types of certificates and various types of guarantee for safety

www.comodo.com

www.geotrust.com

www.verysign.com (facebook uses this company)

As you can see inside of the certificate is the guarantor of security.

the various browsers is just that they control.

is very positive to see a proper safety certification

SSL Certificate on a site, this could get long winded. 

there are many levels of security when a cert is purchased, as an example from network solutions, you can get what is called EV (extended verification) which they vett your company, and you have to jump through several hoops to acquire that type of cert from NS. 

From Godaddy:

Encrypts data transferred to and
from your site and protects against session hijacking attacks, including Firesheep.

Secure UNLIMITED servers.
Compare that to other Certification
Authorities that charge for licensing
on each server. (this is applicable when you have redundancy, and a scaled environment)

SSL Certificates not only confirm the identity of the Certificate holder’s website to the visitor’s browser

but also encrypt information sent and received by the holder’s website. Information contained in the

digital Certificate includes:

• The Certificate holder’s name (individual or company)*

• The Certificate’s serial number and expiration date

• A copy of the Certificate holder’s “public” cryptographic key

• The digital signature of the Certificate-issuing authority

Phishing and Pharming

Phishing and pharming continue to pose real threats to unsuspecting Internet users.

Phishing is a common scam that uses fake emails from legitimate companies to trick recipients into

revealing their account numbers, passwords – even credit card and social security numbers.

The scam starts when an account holder with a legitimate business receives an email that looks like an

authentic notice from the company where they do business. The email recipient is instructed to click

through to a website where they are asked to “verify” their personal information. Such emails often

threaten a loss of account access if the recipient doesn’t take action.

Once the recipients click through, they’re greeted by a knock-off website that only looks like the real

thing. Unless the victim looks carefully or checks for the https:// prefix, they’re likely to submit the

requested data, never knowing they’re handing their most private information to thieves.

More sophisticated than phishing, pharming is the process by which an Internet Service Provider’s (ISP)

domain name server (DNS) entries are hijacked. The idea is to redirect Internet traffic to a fake website

instead of the real thing. When a “pharmer” succeeds in such DNS “poisoning,” every computer using

that ISP for Internet access is directed to the wrong site when the user types in a URL (e.g.,

www.ebay.com).

* Premium SSL Certificates only. Standard SSL Certificates contai

its not just related to a store any more, and google is pushing that all environments run under SSL. its noteworthy to state also that, there are different levels of encryption 1024 being the entry level, and the EV you have to have 2048 or greater, i submit with 4096.

so the gist of an SSL is that to and fro are encrypted, and if you think about it, itscompletely logical that all sites should be secured. 

I am also going to say something here, about what i keep reading the cert is not per se' installed on a site, the cert is for the domain name. 

you can have a cert on shared hosting, you would need to acquire a dedicated IP, because you are securing your environment only, there is also the ability to install a shared cert, i have considered this, but then would need to adjust the pricing so that we are not footing the bill for the cert.

self-signed certs are garbage, the whole process of a purchased cert is that you get a CA certificate of authority from the issuer, they also insure these certs for up to $250K should you suffer loss due to issuance of a bad cert and negligence on the issuers behalf. though proving negligence could be difficult. 

so we fall back into the you get what you pay for, so looking at GD's site, which is where i would and do purchase my certs, the price variance from one end of the spectrum to the other, seems to span greatly, i do not think its from one cert being more secure than the other, but the level of effort required as part of the issuance protocol. 

i also have some issues in my head at the moment regarding dolphin and the youtube function, since those files are not hosted on the server with the cert, you may see this site has untrusted content. 

ok there you have it as plain and layman as it gets, hope that helps everybody understand what how and when about SSL.

now, with this all being said, i have something i want to discuss as well, involving site security and vulnerability:

Website Protection Site Scanner $6.00/month

happiness

you went into detail, from this point on, my culture is zero:-D

you who have much experience and have the ability to find solutions

What would you recommend or like affronteresti the request to install a ssl certificate on the domain on your server on dolphin?

dolphin is ready for this?

 DosDawg,

This SSL stuff is a bit to take in for now, very confusing. I have been reading up all day and still don't get it all.

Could you suggest a cert that would allow this 

https://apps.facebook.com/thedolphinproject/

to show, or is it normal to get a warning using any cert?

fantastic now you have pagerank 9 :-D

 Who?

were you able to cruse the demo site inside facebook?

yes  , perfect navigation

yes  , perfect navigation