I have tested the security integrity of my website, "iridiumpc.duckdns.org" against the, "whynopadlock.com" website test and I came out pretty well for a noob I think.
I have two outstanding issues though and I am seeking to remediate them. The question I have for the group has to do with displaying content via https rather than http and apparently the answer is so simple that I completely fail to understand. I am told, "just add an, "s" to, 'http." OK.
Would somebody please tell me how to add this, "s" to, "http?" Go to what file folder where and change what?
Thank you very much in advance for your assistance and very best regards...
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 0 likes
- Jerome Bakker@jeabakker
Jerome Bakker - 0 likes
- Claudius@10Steve01
Claudius - 0 likes
You must log in to post replies.You didn't mention your Elgg version.
For Elgg 3 you must change the website URL in the elgg-config/settings.php file.
Change value for $CONFIG->wwwroot on https://iridiumpc.duckdns.org
The easy answer is indeed add an 's' to http, just like Nikolai described. However your webserver needs to have a valid SSL certificate otherwise the browsers of your visitors will complain that the connection isn't secure.
Depending on your hosting solution this could already be the case (most hosted solutions offer SSL certificates these days). But if you handle your own server this could take a little bit more time than just 'add an s to http'.
This also applies to Elgg 4.x
Mr. Shcherbin and Mr.Bakker,
Thank you both for your answers. You have solved for me a problem I have been working on for at least four days now! Most excellent!