Re: Checklist for making site use all https

Leslie,

I'm able to change my Domain Settings > Site Configuration > Non-Secure URL to https without an error message.

As I recall, I got the same error message as you when I initially tried to change the setting. I think I did as Bruce is recommending and checked 'force https' on each page then went back and the Site Configuration change worked.

This is only anecdotal because its been several months and I was making a lot of changes all at once but I no longer get the error message.

Re: Checklist for making site use all https


Guess I will have to open up a support ticket. I cannot make the change. All pages already have "force https" checked.

Yeah, I'm probably going to have to drop the token in favor of a link...

I want to dog pile onto this because I'm looking at an htaccess file that is already full of old crap that probably needs to go away but I'm afraid of offending Google. The catch-22 is that some of these redirects may be offending Google according to Screaming Frog. I have gone through all the links that the Frog said were still being redirected and corrected those. Now I'm wanting to put the force https rewrite in place but I'm concerned as to how well it's going to play with the existing force www that is already in place.

I'm not sure how you are thinking google would be offended, but if you have any redirects over 3 months old, then google isn't going to care. Other outside links may still exhibit a problem, but you could convert the redirects to use the URI manager for those.

Just wanted to add a pointer to a new thread Brennan started with an all-https tutorial: http://www.miva.com/forums/forum/onl...e-to-all-https

I think I just discovered what you meant by "it was only effecting the CTGY/PROD pages" - I can't seem to get the token &mvte:product:link; or &mvte:cattree_category:link; to switch over to the https. The product link won't be a huge issue other than having to find every place it's used at and then change it. Am I correct in thinking that using Template GPS will be the most efficient way to accomplish this?

What will be the token to replace &mvte:cattree_category:link; with?

Yes to both. As for what to use, you basically go old school and build links with smt tokens. Note: You wont be able to use the URI Manager's ad hoc redirect though. It has to be based on a pattern "unless you want to start using SMT functions to call the URI management resources (i.e., call URI Manager to get the redirect url).

Would you call this a bug?

Seems to be...but never confirmed it. Will know soon as I have about 3 new sites coming out, and all will run HTTPS. (All our other sites running HTTPS don't use the URI manager.)

Keep me posted, I'm in a support loop with Miva right now. LOL, I was referred back to the blog post I was asked to review since I seem to be the one with all the questions...

FWIW, I don't want to have to jump through hoops to make these links work like they should, nor should any other store owner. They should just work, period.

Shifting phase ever so slightly, has anyone done this for a store that has multiple domain names that point to a store?

For those that may have found this thread and are hoping for newer documentation there's also a blog post "How To Convert Your Entire Miva Store to HTTPS"
http://www.miva.com/blog/how-to-conv...tore-to-https/

RE: HSTS

Should the server issue HSTS header if the domain decides to go all https ?

Would this be set in the html_profile tab or at the server level?