Hi I recently learned that Heroku has piggyback SSL. However when I configured my site to a custom domain, suddenly it only goes to http. Changing the forwarding in my domain manager (GoDaddy) to Https does not work. However the default url of Heroku goes to https. Is there a way to configure my domain in such a way to make use of the piggyback SSL?
Heroku provides SSL by default on all *.herokuapp.com domains - they also have free SSL available for paid apps using SNI based SSL and LetsEncrypt. See https://devcenter.heroku.com/articles/automated-certificate-management for info that. You can't change a default URL, you'd have to handle the redirect in your application to force SSL.
Related
I have setup a managed WP install on Google Cloud using Cloudways. I am having issues with my SSL certificate appearing in web browsers. Using SSL checker I can see the SSL is installed https://www.sslshopper.com/ssl-checker.html?hostname=thesummer.store
I am using a custom SSL certificate rather than using Let's Encrypt SSL which is integrated into Cloudways. However, even when I use Let's Encrypt I run into the same issue.
Cloudways support put the issue down to cache but that isn't the issue.
I have tried re-doing everything from scratch, cleared caches in different browsers, and tried LetsEncrypt over my custom SSL certificate.
According to SSL checker everything is okay.
if you are using cloudflare for DNS hosting, you need to switch off the proxy (click on the orange cloud at your DNS), apply again the LetsEncrypt from Cloudways, and after activation of SSL, you can again switch on the cloudflare proxy.
The thing is your IP must directly point to your cloudways server to get your SSL Activated. After activation you can activate your Cloudflare Proxy.
Backend: "Bitnami WordPress with NGINX and SSL Stack for Google Cloud Platform" from marketplace.
I used this guide: https://www.am22tech.com/google-cloud-cdn-wordpress/
I ended up with a somewhat working system as follows:
My Domain ->(google managed cert)-> CDN + Load Balancer -> Instance Group ->(http)-> VM with bitnami stack.
All works well and seems very fast. The biggest gap in my understanding is how the VM can be told it needs to behave as if it's the original domain.
For example, in the nginx server config, any kind of reference to $host seems to return the VM's IP address or something like that.
Also, in wordpress, in a lot of places the domain is replaced by an IP address, even though the site URL and wordpress address show up correctly. This isn't a wordpress question though, as I'm quite sure there is a more general solution I'm missing to do perhaps with NGINX or the load balancer configuration. I think PHP detects the host and passed it along to wordpress but I'm not clear how.
I found a reference somewhere in the google documentation how to manually assign a domain to a VM but not sure that's what's needed here.
Further to this, I'm totally unclear how I would set up https between the vm and the load balancer, yet only have one domain/ip address for the global forward rule. Maybe a separate question.
Bitnami Engineer here. If you already have the domain, certificates and the Load Balancer in place, you will need to configure WordPress to use that domain name as default domain of the application. You will need to edit the wp-config.php file and configure these lines
define('WP_SITEURL', 'http://DOMAIN/');
define('WP_HOME', 'http://DOMAIN/');
More info: https://docs.bitnami.com/google/apps/wordpress-pro/administration/configure-domain/
In case you also want NGINX to redirect you your domain, no matter how you access your app's information, you can add this configuration line
return 301 https://DOMAIN$request_uri;
in the /opt/bitnami/nginx/conf/bitnami/bitnami.conf file
More info: https://docs.bitnami.com/google/apps/wordpress-pro/administration/force-https-nginx/
I had better luck having the load balancer talk to my VM with https. Once I got that working, I didn't have to make any changes to wp-config.php. In this case I didn't bother with varnish because I think it only supports http. I'm hoping google's CDN will be sufficient regarding caching, and I may try a helper plugin in wordpress.
To redirect http to https, I followed the bitnami instructions to set up to front ends to the load balancer pointing to the same static ip address, then in my nginx server blocks, I added a redirect line in the https block (not the http block), since the google load balancer communicates with my backend via https. Google sets the http_x_fowward_proto to http so I check that and redirect if necessary.
if ($http_x_forwarded_proto = "http") { return 301 https://$host$request_uri; }
The bitnami stack is amazing, everything seems extremely fast!
I am using Google Compute Engine, I have a VM instance with wordpress installed.
I want to enable HTTPS, I have cloudflare ssl for the domain, but as soon as I turned on ssl in wordpress (setting siteurl to https://domain.com) it fudges up and wont load any longer.
Ive tried looking very hard through Google cloud documentation, cant find anything that helps.
All I want is to install an SSL cert on my instance, allow https connection through and get on with setting up the rest of my site!
But it seems there is no way to do this?
ANy help will be greatly appreciated,
thankyou
I think you should set "Allow HTTPS traffic" on VM Instance's settings page
I've developed a web app, which uses HTTPS and which works fine when I access is it (live). Yet some customers, who use proxy servers, can't access the site. I already tried to use a real certificate (a cheap one and only a trial, but yet valid), but that didn't help.
Everytime one of these users tries to access the site the browser tries to load it until a timeout occurs. One user even was shown an authentication (but I'm not 100% sure if this was due to a proxy, still waiting for response from the customer)
For which reasons can this happen and what can I do about it?
I'm using IIS, ASP.NET (C#) and JS. Sideinfo: The URL contains a port, the internal structure of the network the IIS is running in (not mine) doesn't allow it otherwise.
443 is dedicated port for HTTPS connectivity. Add type 'HTTPS' with default port 443 in Site bindings of hosted site directory. Check after whether SSL is enabled or not? in IE(browser)->Tools->Internet options->Advanced->Security.
If the HTTPS port in your web app's URL isn't port 443, you'll have a problem with corporate proxies that don't like non-standard HTTPS ports.
i.e. I hope your URL looks something like this: http://example.com:443/...
I have a question.
I have never worked with a DotNetNuke setup with SSL before. Our server has SSL set up correctly on the server via our hosting company.
My question is, if I enable SSL on one of my DNN portals, are there any gotchas or settings I need to be aware of, assuming the server is set up correctly?
If your whole site isn't going to be secured by SSL, keep in mind that the Admin and Host areas will automatically redirect to SSL secured versions of those pages. In this scenario, depending on your web host, I've encountered infinite redirect issues which made it so that I could not access the admin and host areas. This ultimately was due to how the web host was offloading their SSL traffic.
Other than that, as long as you've got the certificate installed correctly, and SSL enabled in DNN, I don't foresee any other problems.