Jump to content

Recommended Posts

Posted (edited)

Howdy!

So I was actually going through the Forums... Went through some posts discussing about SSL Certificates for phpVMS.

You don't actually need any Module to force SSL. Just need to edit some lines of Codes

So I'll tell you how to use phpVMS 5.5.x with SSL so that your Login Data is Secured. Please NOTE I have divided this Tutorial into two Parts, One for New Installers and another for the who are already using phpVMS.

 

FOR PEOPLE WHO ARE INSTALLING PHPVMS FOR THE FIRST TIME

1) Install SSL on Domain (First Things First)

2) Install phpVMS in root, subfolder (You can even make it a Subdomain Like https://phpvms.domain.com)

3) Trigger phpVMS, and Navigate to install.php

4) This Part is very important. By default phpVMS will use http in the VA URL. Make sure you change it to https

5) Enter every other field as normal.

6) After you finish installation, you might encounter a weird layout. That's because the elements, jquery, maps etc are being called over HTTP instead of HTTPS... Ignore this, We will fix this in further steps...

7) Now what you need to do is navigate to the folder where phpVMS is installed. Go to admin/templates/core_htmlhead.php, then replace the following scripts

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.0/jquery-ui.min.js"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jqModal.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.bigiframe.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.metadata.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/ckeditor/ckeditor.js'); ?>"></script>
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo SITE_URL?>/admin/lib/phpvmsadmin.js"></script>

with these

<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.0/jquery-ui.min.js"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jqModal.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.bigiframe.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.metadata.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/ckeditor/ckeditor.js'); ?>"></script>
<script type="text/javascript" src="https://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo SITE_URL?>/admin/lib/phpvmsadmin.js"></script>

😎 Now what you need to do next is Go again to the folder where phpVMS is installed. Navigate to your skin's Folder. Open your Skin's Layout.php and change all the http to https

9) Save them and Now open core/templates/core_htmlhead.php and replace the following lines

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js"></script>
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js');?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/phpvms.js');?>"></script>

with

<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js"></script>
<script type="text/javascript" src="https://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js');?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/phpvms.js');?>"></script>

 

Thats All! Now Save Everything and Run Your Website on a Secured Server xD

 

FOR EXISTING PHPVMS USERS

1) Open core/local.config.php

define('SITE_URL', 'http://mydomain.com');

Change it to

define('SITE_URL', 'https://mydomain.com');

Now Repeat the Steps 7, 8 and 9 Mentioned Above!

 

Done. Hope this Helps you Guys

Sincerely

Aaryan Kapoor

Edited by Aaryan
  • Like 1
  • Parkho pinned this topic
  • 2 months later...
Posted

Great write-up!

There's one thing I ran into today: I found out my registration isn't working because the captcha box wasn't displayed. By default it loads over http but when you run the site on https it won't load due to mixed content. To remedy this, go to the registration_mainform.tpl or php and scroll to this line, near the end:

echo recaptcha_get_html(Config::Get('RECAPTCHA_PUBLIC_KEY'), $captcha_error, true);

you need to ad the ,true so that recaptcha will load over a secure connection.

Also, the admin panel has a few scripts that need to run on https. In /admin/templates/core_htmlhead there are 3 references to http which should be changed to https. If not, the admin panel won't work properly

  • 5 months later...
  • 1 month later...
  • 5 months later...
Posted

Added the text below to my .htaccess file, to resolve my map/ssl issues.  All my SSL seems to be fine now:

Header always set Content-Security-Policy: upgrade-insecure-requests

 

Bruce

  • Administrators
Posted
34 minutes ago, CPC900 said:

Added the text below to my .htaccess file, to resolve my map/ssl issues.  All my SSL seems to be fine now:

Header always set Content-Security-Policy: upgrade-insecure-requests

 

Bruce

Or you could just go through your files and change any "http://..." lines to "https://". Pretty easy when using the find/replace in Notepad++.

Posted

Yeah, that is what I thought I had done, but hey, I am just letting you know what my host mentioned that they did to my site.  I quote:

"The problem was the page still was asking for those resources via http and broke the google api calls. I've added the following to your .htaccess which seems to have resolved as your SSL now loads and so do all resources"

If that helps someone else, great.  Maybe YOU can explain why they did it that way, because I have no idea really.  But, it works now. :)

Bruce

Posted

Okay here's a quick fix for SSL errors!

1. Download this software known as 'fnr' http://findandreplace.io/
2. Download your /lib/skins/YOUR_SKIN_FOLDER folder to a particular folder.
3. Now run fnr. Click on Find field. Type there http://
4. In the replace field, type https://
5. Click on replace All
6. Reupload your skin folder. It should work now.

ALSO DO NOT FORGET TO TAKE BACKUP OF YOUR CURRENT_SKIN_FOLDER

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...