#91

Super Moderator
Las Vegas, NV, USA
Just hopped over to take a peek using the link on BoarderPhreak’s signature, and the main landing page is showing as https for me. Confused2
• Matthew •
[+] 1 user likes this post
#92
(This post was last modified: 05-20-2017, 02:34 PM by BoarderPhreak.)
(05-20-2017, 06:25 AM)andrewjs18 Wrote: it definitely was not serving the site over https when I made the comment.  are you using hsts?

Sure am. And a test just showed it's working fine.

In fact, it's impossible NOT to use HTTPS as I redirect all HTTP to it.
#93

Super Moderator
San Diego, Cal., USA
(05-20-2017, 08:43 AM)Matsilainen Wrote: Just hopped over to take a peek using the link on BoarderPhreak’s signature, and the main landing page is showing as https for me. Confused2

BoarderPhreak, when I use the link in your signature (on my iPad), the little lock shows in your address.  However, if I use the link you gave us in your very first post in this thread, the lock is not there.  I have no idea why, since both seem to take me to the same place.  andrewjs18, which way did you go to BoarderPhreak's site?
[+] 1 user likes this post
#94

Administrator
Philadelphia, PA
(This post was last modified: 05-20-2017, 07:50 PM by andrewjs18.)
Freddy is correct. the URL in your OP takes you to your site without HTTPS. if I run curl against the domain name, it looks like you haven't set up a redirect for dailylather.com. you do seem to have one set up for http://www.dailylather.com
Tu ne cede malis, sed contra audentior ito.
[+] 1 user likes this post
#95
(This post was last modified: 05-21-2017, 12:42 PM by BoarderPhreak.)
Ahh, I see what's going on. Yeah, curl doesn't show the redirect - but it works in browsers.

The reason this looks odd is because of the complex nature of the back-end. Nginx terminates SSL ahead of Varnish and Apache, which serve the cached content, replying in SSL and HTTP/2. The redirect of www. is easy because nothing will ever respond there. The domain without is trickier because of the aforementioned layering.
[+] 2 users like this post
#96

Administrator
Philadelphia, PA
(05-21-2017, 12:28 PM)BoarderPhreak Wrote: Ahh, I see what's going on.  Yeah, curl doesn't show the redirect - but it works in browsers.

The reason this looks odd is because of the complex nature of the back-end.  Nginx terminates SSL ahead of Varnish and Apache, which serve the cached content, replying in SSL and HTTP/2.  The redirect of www. is easy because nothing will ever respond there.  The domain without is trickier because of the aforementioned layering.

it doesn't though...if I type in dailylather.com in google chrome, it does not redirect me to the https version of the site.

that said, I'm glad you see where the problem lies. good luck in getting it worked out!
Tu ne cede malis, sed contra audentior ito.
#97

Super Moderator
San Diego, Cal., USA
To both BoarderPhreak and andrewjs18, I fully appreciate that both of you know what the heck you are talking about but, hey, there are a bunch of us alter cockers (old $HittEr$) who are clueless.  Any chance you might speak in English? Big Grin
[+] 1 user likes this post
#98
(05-21-2017, 09:26 PM)andrewjs18 Wrote: it doesn't though...if I type in dailylather.com in google chrome, it does not redirect me to the https version of the site.

that said, I'm glad you see where the problem lies. good luck in getting it worked out!

Hmm, it does in Firefox and Safari... I'll look into it more.


Users browsing this thread: 1 Guest(s)