Announcement

Collapse
No announcement yet.

"/" not loading as HTTPS

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    "/" not loading as HTTPS

    What am I missing? Something simple?

    HTTPS completely configured with URI Manangement. All pages are set to use HTTPS.

    Trying to keep a very light htaccess, this is the Miva generated. There isn't command to force https, I assume URI management takes care of this. Regardless of www.domain.com or just domain.com, the browser isn't getting the info that the domain has a cert.

    What setting in MM, or what setting in htaccess?

    Code:
    ### Begin - Miva Merchant URI Management: Direct all non-file URIs to Miva Merchant
    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-s
    RewriteCond %{REQUEST_URI} !^/mm5/.*$
    RewriteCond %{REQUEST_URI} !(gif|jpg|jpeg|jpe|xbm|png)$
    RewriteRule ^(.*)$ /mm5/uri.mvc? [QSA,L]
    ### End - Miva Merchant URI Management
    Need to offer Shipping Insurance?
    Interactive Design Solutions https://www.myids.net
    MivaMerchant Business Partner | Certified MivaMerchant Web Developer
    Competitive Rates, Custom Modules and Integrations, Store Integration
    AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
    My T-shirt Collection is mostly MivaCon T-shirts!!

    #2
    I got some helpful reminders from private sources. Thanks.

    I am not sure why I thought I wouldn't actually need to add any code to the htaccess.

    I ended up adding something very close to this and all is well.

    Code:
    RewriteEngine On
    RewriteBase /
    
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.example\.com$
    RewriteRule .* https://example.com%{REQUEST_URI} [R=301,L]
    Need to offer Shipping Insurance?
    Interactive Design Solutions https://www.myids.net
    MivaMerchant Business Partner | Certified MivaMerchant Web Developer
    Competitive Rates, Custom Modules and Integrations, Store Integration
    AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
    My T-shirt Collection is mostly MivaCon T-shirts!!

    Comment


      #3
      While that does work, and its something that's probably in all the sites we work on, it would seem that you should be able to just change the "Always Show Page as HTTPS" checkbox on all Template pages.
      Bruce Golub
      Phosphor Media - "Your Success is our Business"

      Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
      phosphormedia.com

      Comment


        #4
        Already stated.

        Scott
        Need to offer Shipping Insurance?
        Interactive Design Solutions https://www.myids.net
        MivaMerchant Business Partner | Certified MivaMerchant Web Developer
        Competitive Rates, Custom Modules and Integrations, Store Integration
        AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
        My T-shirt Collection is mostly MivaCon T-shirts!!

        Comment


          #5
          Thank You. I've remembered incorrectly. Not the first nor last time I guess.
          Need to offer Shipping Insurance?
          Interactive Design Solutions https://www.myids.net
          MivaMerchant Business Partner | Certified MivaMerchant Web Developer
          Competitive Rates, Custom Modules and Integrations, Store Integration
          AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
          My T-shirt Collection is mostly MivaCon T-shirts!!

          Comment


            #6
            I'd recommend not doing anything in htaccess for this; just open a request with Miva's technical assistance center to have https forced at the server level if the site is ready for all-https. Ideally you don't want a htaccess at all, and long term architecture for sites using URI management will not need it, so keeping anything else besides URI management directives (which will become irrelevant) out of htaccess is preferable.
            David Hubbard
            CIO
            Miva
            [email protected]
            http://www.miva.com

            Comment


              #7
              What about browser caching? Or compression?

              Scott
              Need to offer Shipping Insurance?
              Interactive Design Solutions https://www.myids.net
              MivaMerchant Business Partner | Certified MivaMerchant Web Developer
              Competitive Rates, Custom Modules and Integrations, Store Integration
              AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
              My T-shirt Collection is mostly MivaCon T-shirts!!

              Comment


                #8
                There's no reason to put any compression directives in htaccess because the majority of our servers have nginx sitting in front of apache, which is already doing compression on common content types, but otherwise renders any apache-specific compression directives useless. Caching would get passed through, but could also be handled at the nginx level, or CDN level (such as Cloudflare).
                David Hubbard
                CIO
                Miva
                [email protected]
                http://www.miva.com

                Comment


                  #9
                  So the issue then, SEO tools that run on these store are not recognizing the compression.

                  How is the browser caching done at the nginx level? And, I need to be able to control what elements get cached like CSS or JS. Will I be able to select options in Plesk? I wouldn't want to be needing to contact a support engineer every single time I need to make a change?

                  Scott
                  Need to offer Shipping Insurance?
                  Interactive Design Solutions https://www.myids.net
                  MivaMerchant Business Partner | Certified MivaMerchant Web Developer
                  Competitive Rates, Custom Modules and Integrations, Store Integration
                  AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
                  My T-shirt Collection is mostly MivaCon T-shirts!!

                  Comment


                    #10
                    The default compression config is against the following content types:

                    text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript

                    If the content in question is below 1kb in size, it will not attempt compressing it because it's going to require more time to compress than it would have saved. Any other content types would need to be added in via custom directives.

                    Browser caching would be effectively the same, but with server level directives to set headers based on content type, not runtime directives in a htaccess that have to be analyzed and executed with every single request for every file type.

                    The long term intent is for Miva Merchant to manage CSS/JS resources, and cache headers would be served there. I'd have to check whether that is possible currently; let me know if you need me to ask around about that. The reasoning behind this is to ensure those resources are protected by Miva Merchant's security features, from both a standpoint of access and content integrity. Long term, if JS resources are served by Miva Merchant's javascript file manager, it can serve Subresource Integrity hashes with the content, ensuring a browser visiting the site will reject the JS if it's been modified outside of Miva Merchant, and then of course Miva Merchant's own security features try to prevent unauthorized modification. Files managed outside of Miva Merchant will not have either protection.
                    David Hubbard
                    CIO
                    Miva
                    [email protected]
                    http://www.miva.com

                    Comment

                    Working...
                    X