Jump to content
Aaryan

[Tutorial] SSL with phpVMS

Recommended Posts

Howdy!

So I was actually going through the Forums... Went through some posts discussing about SSL Certificates for phpVMS.

You don't actually need any Module to force SSL. Just need to edit some lines of Codes

So I'll tell you how to use phpVMS 5.5.x with SSL so that your Login Data is Secured. Please NOTE I have divided this Tutorial into two Parts, One for New Installers and another for the who are already using phpVMS.

 

FOR PEOPLE WHO ARE INSTALLING PHPVMS FOR THE FIRST TIME

1) Install SSL on Domain (First Things First)

2) Install phpVMS in root, subfolder (You can even make it a Subdomain Like https://phpvms.domain.com)

3) Trigger phpVMS, and Navigate to install.php

4) 043c78576c15b14197c84822fc5bc5fa.png This Part is very important. By default phpVMS will use http in the VA URL. Make sure you change it to https

5) Enter every other field as normal.

6) After you finish installation, you might encounter a weird layout. That's because the elements, jquery, maps etc are being called over HTTP instead of HTTPS... Ignore this, We will fix this in further steps...

7) Now what you need to do is navigate to the folder where phpVMS is installed. Go to admin/templates/core_htmlhead.php, then replace the following scripts

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.0/jquery-ui.min.js"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jqModal.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.bigiframe.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.metadata.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/ckeditor/ckeditor.js'); ?>"></script>
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo SITE_URL?>/admin/lib/phpvmsadmin.js"></script>

with these

<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.0/jquery-ui.min.js"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jqModal.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.bigiframe.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.metadata.js'); ?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/ckeditor/ckeditor.js'); ?>"></script>
<script type="text/javascript" src="https://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo SITE_URL?>/admin/lib/phpvmsadmin.js"></script>

8) Now what you need to do next is Go again to the folder where phpVMS is installed. Navigate to your skin's Folder. Open your Skin's Layout.php and change all the http to https

9) Save them and Now open core/templates/core_htmlhead.php and replace the following lines

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js"></script>
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js');?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/phpvms.js');?>"></script>

with

<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js"></script>
<script type="text/javascript" src="https://maps.google.com/maps/api/js?sensor=true"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/jquery.form.js');?>"></script>
<script type="text/javascript" src="<?php echo fileurl('lib/js/phpvms.js');?>"></script>

 

Thats All! Now Save Everything and Run Your Website on a Secured Server xD

 

FOR EXISTING PHPVMS USERS

1) Open core/local.config.php

define('SITE_URL', 'http://mydomain.com');

Change it to

define('SITE_URL', 'https://mydomain.com');

Now Repeat the Steps 7, 8 and 9 Mentioned Above!

 

Done. Hope this Helps you Guys

Sincerely

Aaryan Kapoor

Edited by Aaryan
  • Like 1

Share this post


Link to post
Share on other sites

Great write-up!

There's one thing I ran into today: I found out my registration isn't working because the captcha box wasn't displayed. By default it loads over http but when you run the site on https it won't load due to mixed content. To remedy this, go to the registration_mainform.tpl or php and scroll to this line, near the end:

echo recaptcha_get_html(Config::Get('RECAPTCHA_PUBLIC_KEY'), $captcha_error, true);

you need to ad the ,true so that recaptcha will load over a secure connection.

Also, the admin panel has a few scripts that need to run on https. In /admin/templates/core_htmlhead there are 3 references to http which should be changed to https. If not, the admin panel won't work properly

Share this post


Link to post
Share on other sites

Added the text below to my .htaccess file, to resolve my map/ssl issues.  All my SSL seems to be fine now:

Header always set Content-Security-Policy: upgrade-insecure-requests

 

Bruce

Share this post


Link to post
Share on other sites
34 minutes ago, CPC900 said:

Added the text below to my .htaccess file, to resolve my map/ssl issues.  All my SSL seems to be fine now:

Header always set Content-Security-Policy: upgrade-insecure-requests

 

Bruce

Or you could just go through your files and change any "http://..." lines to "https://". Pretty easy when using the find/replace in Notepad++.

Share this post


Link to post
Share on other sites

Yeah, that is what I thought I had done, but hey, I am just letting you know what my host mentioned that they did to my site.  I quote:

"The problem was the page still was asking for those resources via http and broke the google api calls. I've added the following to your .htaccess which seems to have resolved as your SSL now loads and so do all resources"

If that helps someone else, great.  Maybe YOU can explain why they did it that way, because I have no idea really.  But, it works now. :)

Bruce

Share this post


Link to post
Share on other sites

Okay here's a quick fix for SSL errors!

1. Download this software known as 'fnr' http://findandreplace.io/
2. Download your /lib/skins/YOUR_SKIN_FOLDER folder to a particular folder.
3. Now run fnr. Click on Find field. Type there http://
4. In the replace field, type https://
5. Click on replace All
6. Reupload your skin folder. It should work now.

ALSO DO NOT FORGET TO TAKE BACKUP OF YOUR CURRENT_SKIN_FOLDER

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×