Thread about the update.

[Robert Watcher]

You can still use the 3rd icon to the upper right, (of the dialog box in a new post), the picture icon, to use the URL link to you image on some favorite server. It’s just the “attach files” alternative, that I need to make universal!

Asher

Thanks. I am aware of that. I will wait to post until I can attach the pics. Far easier to do than uploading, copying and pasting as I have done in the past.

——

 

[Asher Kelman]

I have been using the “OPF Dark” style version for over a week.

I am so happy with it but if I switch back to the “Original”, bright version, that is also equally good to my heart. ?

What is amazing to me is the sheer lasting beauty of the Logo Design by Nicolas and Marine in their Bordeaux Agency, Claris Image Builder way back in 2006.

​

What designs can be so future proof?

I must thank Nicolas again and again for our clean, attractive and handsome graphics that welcome us all to OPF!

Asher

 

[nicolas claris]

Thank you Asher!
But again, about Ceasar… OPF logo (as well as Claris') has been designed by Marine our AD!

 

[Asher Kelman]

Thank you Asher!
But again, about Ceasar… OPF logo (as well as Claris') has been designed by Marine our AD!

Of course, the are slow to respond. Besides, I will do it myself, if need be!

Asher

 

[nicolas claris]

Of course, they are slow to respond. Besides, I will do it myself, if need be!

You got me wrong! I was reffering to your preceeding post (#92) about OPF logo

 

[Asher Kelman]

Ahah! Nicolas, always the gentleman and honest.

It’s Marine we owe so much to!

Well thanks to Marine ❤️.

So talented, French and simply adorable to the nth

Asher

 

[Asher Kelman]

I digress for a. One thing folk:

note Nicolas Claris has updated his “NC Dark Style”, more readable but less restful than than Russ’ OPF Dark Style.

Try looking at this thread with both styles!

Asher

 

[nicolas claris]

OPF logo has been updated with a double resolution version for retina monitors. For all styles

 

[Asher Kelman]

Thanks from all of us Nicolas!

Asher

 

[Robert Watcher]

Just a “For What It’s Worth” —— latest IOS 12.2 is now being installed on iPads and IPhones and Safari has been updated to make people aware of websites that are not following the https security protocol - so that it is not only visible in Chrome and select other browsers —- the “Not Secure” warning is mainstream everywhere. I really like OPF and so still visit from time to time, but not without trepidation. It is strange that OPF has not done it as it is free to get an SSL certificate (yes you can also purchase one if needed) and effortless and fast to apply - it doesn’t take weeks or days to do. For Let’s Encrypt certificates the issuance is generally between 30 minutes and 1 hour. If your hosting provider uses cPanel, the AutoSSL certificate can be applied instantly.

From Safari browser on my iPhone today after IOS 12.2 update:

 

[Asher Kelman]

Where do I get the certificate, Robert?

I have been so steadfast in agreeing but keep having amazing catastrophes and rewards diverting me, one after the other. A simple plumber task done wrong flooded the kitchen and garage and before that the balcony leaked storm water to the breakfast room and now a billion ants coming from the shower....and more art projects at the same time!

Let’s do this Monday. Tell me where I get the certificate and I will give it to my shosting company to apply

Thanks for the umpteenth reminder!

Asher

 

[Robert Watcher]

Where do I get the certificate, Robert?

I have been so steadfast in agreeing but keep having amazing catastrophes and rewards diverting me, one after the other. A simple plumber task done wrong flooded the kitchen and garage and before that the balcony leaked storm water to the breakfast room and now a billion ants coming from the shower....and more art projects at the same time!

Let’s do this Monday. Tell me where I get the certificate and I will give it to my shosting company to apply

Thanks for the umpteenth reminder!

Asher

I wasn’t necessarily giving you an umpteenth reminder - I was letting you know what your visitors are now seeing today with the new IOS update. That’s all.

Anyway - Best is to put a ticket in to your hosting company. Many already have it built in as an option they can provide you with a simple setting in cPanel. Even if not, they will be able to set an SSL up for you. That is their business, so they are the ones qualified to set it up for you or provide you the guidance.

If you want to do some reading, this is one popular company that provides free SSL certificates - https://letsencrypt.org/

 

[Asher Kelman]

Thanks Robert,

Let’s Encryot doesn’t seem to be supported automatically by LiquidWeb, or server service, but I will deal with it iin the am. Could be that the user list up to date!

Asher

 

[Robert Watcher]

Thanks Robert,

Let’s Encryot doesn’t seem to be supported automatically by LiquidWeb, or server service, but I will deal with it iin the am. Could be that the user list up to date!

Asher

Ok - I have no idea what your setup is with Liquidweb to have any opinions on how to proceed —- but I just took a few minutes to go their website Live Chat and asked if they provided or set up Free SSL certificates and the quick chat went this way. They provided a link that if I had an account I would log in to and they would advise me from there. But I don’t have an account so the conversation was over. So they work with free SSL certificates. As I mentioned it is best to contact them

This came out of Liquidweb Knowlegebase if using Plesk to manage your account - https://www.liquidweb.com/kb/how-to-generate-and-renew-lets-encrypt-ssl-certificates-in-plesk-12-5/

LiquidWeb.com SSL: Guide to Liquid Web Free SSL & LetsEncrypt

While not being too obvious about it, Liquid Web does offer free SSL certificates to host sites on HTTPS -- considered a must for any website owner in . In this guide I've compiled pretty much everything you need to know.

www.webhostwhat.com

————-

 

[Asher Kelman]

Thanks so much Robert for the guidance.

With the free option there is back end work on a Linux server and that is beyond my paygrade!

So I had Liquid Web do that for me!



❤ ? ?‍♀️ ?


We are now HTTPS

Bravo to those who bugged me so much!

Asher

 

[Robert Watcher]

If you are paying for a Managed Hosting, then that is what they help you with. They are the experts.

AMAZING

 

[Robert Watcher]

Now just one more thing to do - a redirect that will force visitors to your https site. Bookmarks and links that members are using to visit OPF, will still point to your http “Not Secure” website. That includes people finding OPF in Google Search - the links are to your http url until they get updated.

Example - both of these work.

http url

Open Photography Forums

Imaging to hold up a lantern to ourselves and the planet we’ve claimed dominion!

openphotographyforums.com

https url

Open Photography Forums

Imaging to hold up a lantern to ourselves and the planet we’ve claimed dominion!

openphotographyforums.com

A common way is by adding this code to your .htaccess file in the root folder

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

Or better yet, ask Liquidweb if they can configure your settings so that all requests get redirected to your non-www https url.

You are close

———-

 

[Asher Kelman]

We had already done that, apparently, according to Liquid Web.

We have “forced SSL on entire site” so you need to refresh your browser or clear your cache.

Let me know if that works.

Asher

 

[Doug Kerr]

I'm interested to see how that works here, but I'm not sure exactly how.

Firstly, right here, the address bar in my browser (Firefox) looks like this:

If I go to the home page, I see this:

If from that, I navigate back to this forum section and this thread, I see again what I showed first here.

By the way, I cleared the Firefox cache, stooped and restarted Firefox, and the result is just the same.

What do I need to do to look into this further?

Thanks.

Best regards,

Doug

 

[Doug Kerr]

Aha! My shortcut to the "new posts" page of the site did not specify the protocol at all (neither HTTP nor HTTPS). I put the protocol indicator HTTPS in the shortcut, and when I arrived at this page, the address bar shows:

What about that warning on the "Secured" padlock icon? Wet floor? Well, the site info says (in part):

Well, I can understand that.

But if I navigate to the home page, then use the link to "New Posts", I get back to this place but the address bar shows:

Ah! I note that almost all of the links on the Home Page have an explicit HTTPS prefix for the referenced address, but those under "In the forums" do not.

For whatever this is worth.

Best regards,

Doug

 

[Jason Winters]

Ah, that means your re-write option isn't working, i.e., any link going to an http site still does. If you use a re-write, any http gets rewritten as https, then served.
So, as they said, close!
I came in via the link from the email you just sent out... (oh, and the .sig has "http" not "https" in it), and it did not redirect me...
Sigh..

 

[Jason Winters]

Oh, and the link for "change your password" comes up as non-secure as well.. probably not what is intended!

 

[Asher Kelman]

Oh, and the link for "change your password" comes up as non-secure as well.. probably not what is intended!

Jason, Doug and Robert!

The “S” missing in that signature I will now change. Thanks someone had just pointed that out.

Such feedback is critical.

1. If you are able to described what the help desk at Liquid Web Had to do, I would so appreciate if you might write it out for me so I can pass it to Liquid Web Support.

2. If this is something that our hired forum platform techs would have to do somewhere in our database, then describe what they need to do.

I can extinguish a cancer, make up stories about “Grandpa Frog on “Frog Island”, fix the leaking roof, or even weld steel, but no longer do any coding!

So I really appreciate to the nth your help and guidance!

Asher

 

[Doug Kerr]

Hi, Jason,

Ah, that means . . .

That what? To whom are you replying?

your re-write option isn't working, i.e., any link going to an http site still does. If you use a re-write, any http gets rewritten as https, then served.
So, as they said, close!

If you are replying to me, please help me know what my "re-write option" is.

Thanks.

Best regards,

Doug

 

[Robert Watcher]

We had already done that, apparently, according to Liquid Web.

We have “forced SSL on entire site” so you need to refresh your browser or clear your cache.

Let me know if that works.

Asher

It is true that your main page openphotographyforums.com gets rewritten to https even if entering http url ——- the issue is with the Forum. Follow the 2 links I provided above and you will see that both the http and https urls to Forum work —— that is NOT a good thing and means the rewrite isn’t happening. You should also notice that clicking the Forum link on the Home page, takes you to the http Forum page (Not Secure).

Show Liquidweb that example so they know what you are referring to. It has nothing to do with emptying the cache.

——

 

[Robert Watcher]

I'm interested to see how that works here, but I'm not sure exactly how.

Firstly, right here, the address bar in my browser (Firefox) looks like this:

If I go to the home page, I see this:

View attachment 405

If from that, I navigate back to this forum section and this thread, I see again what I showed first here.

By the way, I cleared the Firefox cache, stooped and restarted Firefox, and the result is just the same.

What do I need to do to look into this further?

Thanks.

Best regards,

Doug

That is the issue Doug. You spotted it correctly. Only the Home page redirects to https

 

[Asher Kelman]

That is the issue Doug. You spotted it correctly. Only the Home page redirects to https

So that is, succinctly, what I shall report in the am. They told me that there are two conflicting redirects. First to http, last to https.

In the morning I will call Liquid Web!

Asher

 

[Winston Mitchell]

Robert's https URL works fine for me.

 

[Asher Kelman]

I discovered today, (with Doug Kerr’s help, that at least in Firefox), the Https secure path is not being used.

The Liquid Web tech, Michelle, kindly is tackling this:

“You are having issues with getting your site to show up in ssl . Since your site made with php code it doesn't seem to be taking the changes to .htaccess code. I will try and redirect it using php code and if that does not work we will try and install your ssl with a dedicated IP address set up for https.”


I would appreciate any further reports, (and times in Pacific Mean Time), of https redirect failure as we should be totally secure!

?

Asher

 

[Robert Watcher]

I discovered today, (with Doug Kerr’s help, that at least in Firefox), the Https secure path is not being used.

The Liquid Web tech, Michelle, kindly is tackling this:

“You are having issues with getting your site to show up in ssl . Since your site made with php code it doesn't seem to be taking the changes to .htaccess code. I will try and redirect it using php code and if that does not work we will try and install your ssl with a dedicated IP address set up for https.”


I would appreciate any further reports, (and times in Pacific Mean Time), of https redirect failure as we should be totally secure!

?

Asher

I don’t know specifics about the software - just throwing this your way:

How to Switch An Existing XenForo Setup to Secured SSL (HTTPS)

A step by step guide to switching an existing XenForo installation from HTTP to HTTPS aka from http://domainname to https://domainname

xfpoint.com

Possibly this if you are signed into the XenForo Forum:

Unmaintained - How To Implement SSL To Secure HTTP Traffic (HTTPS)

This guide should hopefully explain all of the steps required to switch an XF installation from using HTTP to HTTPS. So for example, instead of the site URL being http://xenforo.com/community/ it will be https://xenforo.com/community/. What is...

xenforo.com

———