• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

SSL Problems

Status
Not open for further replies.
L

Lastopp

Chevereto Member
Hello, I did just activate Flexible SSL from CloudFlare, it don't require anything from me or my server. And it works almost perfect.

"When using Flexible SSL with CloudFlare, your origin server will always accept requests over HTTP (port 80)."

I have added "always SSL" to htaccess and viewing pictures uploaded(from direct link http://test.com/img/hello.png) is working and showing the green "https://"

But the script is still stuck on http:// so this is how my site looks now:

http://i.imgur.com/MpSjFQj.png
http://i.imgur.com/hO4g3B0.png

So how do I make Chevereto use https:// instead of http://? I couldn't figure out how to do this manually.
 
Chevereto auto detects the protocol (http or https) but that only works when the server actually has https. When you use CF flexible SSL, the target server never uses the https protocol.

The easy workaround? Go to the top of includes/config.php and add this:

PHP: 
$_SERVER["HTTPS"] = "on";
 
Rodolfo said:
Chevereto auto detects the protocol (http or https) but that only works when the server actually has https. When you use CF flexible SSL, the target server never uses the https protocol.

The easy workaround? Go to the top of includes/config.php and add this:

PHP: 
$_SERVER["HTTPS"] = "on";
Click to expand...
Awesome!
 
Rodolfo said:
Chevereto auto detects the protocol (http or https) but that only works when the server actually has https. When you use CF flexible SSL, the target server never uses the https protocol.

The easy workaround? Go to the top of includes/config.php and add this:

PHP: 
$_SERVER["HTTPS"] = "on";
Click to expand...
That's the easy workaround, so what's the proper workaround?
 
Yeah, SSL certs are quite cheap when you only need it for one domain and just the basic stuff.
 
What do you mean by workaround?

I prefer that my users use https but http is also fine. I also like that CloudFlare makes it so easy because I switch servers alot, so setting up SSL saves me some time.
 
CF https and in server https could be labeled as the same thing but is not exactly the same. They work in different ways, but CF https could be sniffed by the ISP or someone in your server because from CF to your server there isn't encryption at all. Is really rare that the ISP sniff the traffic but is possible.
 
Status
Not open for further replies.
Back
Top