• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

Default to HTTPS

Craig

Chevereto Member
Hey everyone,

Trying to ensure HTTPS://mywebsite.com is served instead of HTTP. My webhost said to include the following lines of code in the .htaccess file.


RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


They also said also this forces directly linked resources (images, css, etc.) to use https:

Where in this file do I place this code and do I need to remove or uncomment any code?

Just making sure Chevereto does not have its own way of defaulting to HTTPS.

Thanks!
 
I think that Chevereto should have an option to enable https, but I think it does not have it, the .htaccess file is hidden in the main directory folder of your domain, you have to enable the hidden files or modify it from ftp
 
I think that Chevereto should have an option to enable https, but I think it does not have it, the .htaccess file is hidden in the main directory folder of your domain, you have to enable the hidden files or modify it from ftp

Hey thanks for responding. I am able to locate and access the .htaccess file. Just want to make sure what they are saying works for Chevereto and that I place the code in the right location in the file.
 
Actually it will depend on your server and for apache that code should work fine. The file is /.htaccess and it should look like this if we mix that code with Chevereto's .htaccess.

Code:
# Disable server signature
ServerSignature Off

# Disable directory listing (-indexes), Multiviews (-MultiViews) and enable Follow system links (+FollowSymLinks)
Options -Indexes
Options -MultiViews
Options +FollowSymLinks

<IfModule mod_rewrite.c>

    RewriteEngine On

    # If you have problems with the rewrite rules remove the "#" from the following RewriteBase line
    # You will also have to change the path to reflect the path to your Chevereto installation
    # If you are using alias is most likely that you will need this.
    #RewriteBase /

    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # 404 images
    # If you want to have your own fancy "image not found" image remove the "#" from RewriteCond and RewriteRule lines
    # Make sure to apply the correct paths to reflect your current installation
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule images/.+\.(gif|jpe?g|png|bmp) - [NC,L,R=404]
    #RewriteRule images/.+\.(gif|jpe?g|png|bmp) content/images/system/404.gif [NC,L]
 
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !\.(css|js|html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|exe|gif|gz|gzip|ico|jpe?g|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|swf|tar|tif|tiff|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$ [NC]
    RewriteRule . index.php [L]
 
</IfModule>

Please note that in some servers / hosting companies HTTPS redirection must be configured by other means. In that case please refer to the documentation of your hosting company.
 
The https rule should work for any given request. If you have issues check it with your hosting company and make sure that you don't have any browser cache.
 
Is that correct functioning properly

Thank you!
The code did allow my site to load securely but it did not force the https. I was getting error... too many redirects, from my browser. I use Cloudflare through my webhost and created a page rule for my site. That finally forced the https to load.
 
I don't know why people mess up this redirect stuff all time. Not only in this topic but I always see that people struggle with this. Just Google it and you will find answers for everything related with this stuff. This is entirely server configuration, not related to Chevereto at all so if you have issues check your server or ask your hosting company.
 
I think that Chevereto should have an option to enable https, but I think it does not have it, the .htaccess file is hidden in the main directory folder of your domain, you have to enable the hidden files or modify it from ftp

Chevereto won't touch that .htaccess file because that's server setup, Chevereto won't mess with that.
 
Hey guys. I have HTTPS redirected on mine via .htaccess. I was wondering if there is a way to have the redirect only when the user is logged in? Also, are spiders or search engines able to crawl your site even if it's set to https?
 
Every load should be https, there's no point to enable it just for login. Crawlers will crawl your https website without hassle.
 
Hey guys. I have HTTPS redirected on mine via .htaccess. I was wondering if there is a way to have the redirect only when the user is logged in? Also, are spiders or search engines able to crawl your site even if it's set to https?
Google prefers if the site is https, so no reason not to enable it sitewide.
 
Back
Top