Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Support
  3. General Support
  4. [b2evolution 6.6.7-stable] Skins not showing on SSL or Too many redirects with https

[b2evolution 6.6.7-stable] Skins not showing on SSL or Too many redirects with https

1 Mar 07, 2016 21:51    

Problem:

With the base URL hardcoded to https://hostname.domain.tld either http or https result in too many redirects on Safari and Firefox. When using the parametric means of finding the hostname, http works fine, but https winds up with the blogs showing with no skin. In the first case, debug does not work as the browser only shows too many redirects, and no website response, so no debug information. In the second case, turning on debug has me suspecting that b2evolution is looking for skins [and maybe other subdirectories] using the non-secured http protocol, rather than sticking with https. Admin also appears with no skin.

Here's what I've found and tried so far.

References:

I’ve consulted the following posts, and tried the changes suggested therein.

http://forums.b2evolution.net/topic-21982

I’ve done this:

$htsrv_url_sensitive = 'https://fortuna.macminicolo.net/'.$htsrv_subdir;

http://forums.b2evolution.net/topic-22516

I’ve tried both hardcoding to https and using the parametric code in conf/_basic_config.php by removing the comment markers in the below:

$baseurl = 'https://fortuna.macminicolo.net/';

// Use the following if you want to use the current domain:
/**
if( isset($_SERVER['HTTP_HOST']) )
{       // This only works if HOSt provided by webserver (i-e DOES NOT WORK IN PHP CLI MODE)
        $baseurl = ( (isset($_SERVER['HTTPS']) && ( $_SERVER['HTTPS'] != 'off' ) ) ?'https://':'http://')
                                                        .$_SERVER['HTTP_HOST'].'/';
}

*/

http://forums.b2evolution.net/topic-20161

I’ve done this, and it works for the blogs in which I’ve changed the settings, but https://.../admin.php still shows too many redirects

Try unchecking "Redirect to canonical URL" in Blog settings > SEO
Set all links to use "params" instead of extra path on URLs tab

http://forums.b2evolution.net/5-0-5-stable-redirect-problem

Changing

inc/_init_hit.inc.php line 70. We changed the clause $_SERVER['HTTPS'] != 'off'" to "$_SERVER['HTTPS'] != NULL

didn’t seem to do anything, at least with too many redirects for admin.

Background:

After many years of trying to upgrade our old b2evolution blog on a RHEL5 machine without success [thank you François for all your help back then] we finally moved to a Mac Mini running server.app, and successfully moved our mysql database and blogs. Our next step was to use SSL with a self-signed certificate, when we encountered the problem stated above.

b2evolution version: 6.6.7-stable
php version: 5.5.30
Mac OS X: El Capitan 10.11.3
Server.app version: 5.0.15
Mac Mini Late 2014

Additional Information:

As I’m testing things out, there is no .htaccess file – I’m just relying on Server.app to set up the host machine and colo facility domain for now. Once things are working to my satisfaction, I’ll redirect DNS and set up the appropriate domains. The ultimate goal is to use b2evolution for all our domain websites content management, retaining our multi-blogs from The Teleinteractive Press, and pointing blog.domain.tld to the press.teleinteractive.net/blogname blog. But that’s for another day. And yes, I know that I’ll need to clean up the miami_blue skin.

As a quick check, I set up http://fortuna.macminicolo.net/index.html such that it pulled an image from the webfoot, and from the webroot/skins/miami_blue/img directory, and that worked fine.

The original blog is still running on Linux at http:// press.teleinteractive.net/

Thanks in advance for any help and advice.

Some debug information for https

detectblog:

skins:

  • Selected skin: miami_blue
  • blog_main: include skins/miami_blue/index.main.php (default handler)
  • skin_init: $disp=posts
  • skin_init: $disp=posts / $disp_detail=posts-default / $seo_page_type=Default page
  • skin_include (-): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_html_header.inc.php
  • skin_include (Item #1010): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1010): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1010): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1009): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1009): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1009): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1008): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1008): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1008): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1007): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1007): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1007): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1006): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1006): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1006): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (-): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_html_footer.inc.php

Some debug information for http

detectblog:

skins:

  • Selected skin: miami_blue
  • blog_main: include skins/miami_blue/index.main.php (default handler)
  • skin_init: $disp=posts
  • skin_init: $disp=posts / $disp_detail=posts-default / $seo_page_type=Default page
  • skin_include (-): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_html_header.inc.php
  • skin_include (Item #1010): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1010): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1010): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1009): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1009): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1009): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1008): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1008): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1008): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1007): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1007): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1007): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (Item #1006): /Library/Server/Web/Data/Sites/Default/skins/miami_blue/_item_block.inc.php
  • skin_include (Item #1006): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_content.inc.php
  • skin_include (Item #1006): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_item_feedback.inc.php
  • skin_include (-): /Library/Server/Web/Data/Sites/Default/skins_fallback_v5/_html_footer.inc.php
Back to top

2 Mar 09, 2016 06:30

Hi @josephdp, you said this:

I’ve done this, and it works for the blogs in which I’ve changed the settings

Can you tell us which are those changes? How is the Settings > URLs section of your main collection configured (the one that you use to manage login/registration)?

Enabling secure navigation should be as simple as changing $baseurl from http://example.com to https://example.com.

Back to top

3 Mar 09, 2016 06:58

Thank you, @mgsolipa for replying.

As stated, when I hard code the $baseurl then I get browser errors for too many redirects, which I can correct with the URL and SEO settings for each blog, as recommended in the third reference. Unfortunately, then I can not get into the admin backoffice.

I have found a workaround that I've implemented this evening. I leave the cons/ _basic_config.php to use the parametric $baseurl, as in the second reference above, and then I change the URL setting for each blog to point the "Collection Base URL" to a hardcoded "Absolute URL" of https://fortuna.macminicolo.com/<blogname&gt;. This allows the outside world to see the blogs almost correctly [some CSS from the skins folders are still being blocked as the embedded URL is http not https. I can go to my server via screen sharing and use the web browser on the server to see the back office as http://localhost/admin.php - this sort of works but is not ideal.

The URL settings for the main collection, as well as each blog, which is being treated as collections themselves, are all the same now, as suggested in the third reference: Use param for each URL type, and uncheck Make canonical under SEO settings, plus the hard coding for an Absolute URL to https://... Under General Settings for the main collection, I see that "This is a "Blog" collection – A collection optimized to be used as a standard blog (with the most common features)." I do not see anythings that says this collection is used to manage login/registration.

I'm jumping from b2evolution 3.3.3 to 6.6.7, so there are a lot of changes to learn.

Thank you again.

Back to top

5 Mar 09, 2016 08:45

No blog collection is currently set for login/registration purposes. The login link on every blog page goes to the login page. I will read more in the manual as to the value of setting a collection for login/registration. But the main problem is that with the $baseurl hardcoded as https to use SSL, web browsers detect too many redirects. I see how to fix that through using param URLs and no canonicals for the blogs, but not for the back office.

I'll report back after I've read more in the manual for default collections. The SSL section wasn't any help before I started this posting.

Thank you @mgsolipa for your help.

Back to top

6 Mar 09, 2016 20:23

Hello @mgsolipa,

I read through the manual.

I did change the login/registration collection to our main collection. And then I switched back to the hardcoded $baseurl in conf/_basic_config.php

All this accomplished was to show a login form with the sidebars from the blog showing, and the blog's skin, rather than the default login page. When I clicked on backoffice, I still got "too many redirects" using two different browsers on yet another different machine, when trying to open https://.../admin.php.

I did try to change different settings in conf/_advanced.php for the $htsrv_url per reference 1 above, as shown below. None of these settings changed the behavior.

/**
 * Sensitive URL to the htsrv folder.
 *
 * Set this separately (based on {@link $htsrv_url}), if you want to use
 * SSL for login, registration and profile updates (where passwords are
 * involved), but not for the whole htsrv scripts.
 *
 * @global string
 */
$htsrv_url_sensitive = $htsrv_url;
//$htsrv_url_sensitive = 'https://.../'.$htsrv_subdir;
//$htsrv_url_sensitive = 'http://localhost/'.$htsrv_subdir;

If I leave conf/_basic_config.php to find the $baseurl programmatically and with each blog URL set to an absolute URL using https, I still get the following warnings in the developer plug-in to Safari 

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/build/b2evo_base.bmin.css?v=6.6.7-stable-2015-12-31. (tialife, line 16)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/js/jquery.min.js?v=6.6.7-stable-2015-12-31.

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/js/build/colorbox.bmin.js?v=6.6.7-stable-2015-12-31.

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/colorbox/colorbox.css?v=6.6.7-stable-2015-12-31. (tialife, line 66)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/basic_styles.css?v=6.6.7-stable-2015-12-31. (tialife, line 67)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/basic.css?v=6.6.7-stable-2015-12-31. (tialife, line 68)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/blog_base.css?v=6.6.7-stable-2015-12-31. (tialife, line 69)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/item_base.css?v=6.6.7-stable-2015-12-31. (tialife, line 70)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/js/ajax.js?v=6.6.7-stable-2015-12-31.

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../plugins/wikitables_plugin/wikitables.css?v=6.6.7-stable-2015-12-31. (tialife, line 75)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/js/flowplayer/flowplayer.min.js?v=6.6.7-stable-2015-12-31.

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/mediaelement/mediaelementplayer.min.css?v=6.6.7-stable-2015-12-31. (tialife, line 99)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/js/mediaelement/mediaelement-and-player.min.js?v=6.6.7-stable-2015-12-31.

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/css/videojs/video-js.min.css?v=6.6.7-stable-2015-12-31. (tialife, line 129)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://.../rsc/js/videojs/video.min.js?v=6.6.7-stable-2015-12-31.

[Warning] The page at https://.../ was allowed to display insecure content from http://.../media/blogs/tialife/SensorAnalyticsEcosystem.JPG. (tialife, line 414)

[Warning] The page at https://.../ was allowed to display insecure content from http://.../media/blogs/tialife/k_type_thermocouple.gif. (tialife, line 435)

[Warning] The page at https://.../ was allowed to display insecure content from http://.../media/blogs/tialife/thermostat.jpg. (tialife, line 440)

[Warning] The page at https://.../ was allowed to display insecure content from http://.../media/blogs/tialife/ProgrammableThermostat.jpg. (tialife, line 443)

[Warning] The page at https://.../ was allowed to display insecure content from http://.../media/blogs/tialife/NestAirwave.png. (tialife, line 446)

[Warning] The page at https://.../ was allowed to display insecure content from http://.../media/blogs/tialife/SensorsMindMap.png. (tialife, line 449)

[Warning] [blocked] The page at https://.../ was not allowed to run insecure content from http://technorati.com/embed/ij3dercit.js.

If I go back to hardcoding the $baseurl then these errors go away for the blogs, but the backoffice can not be reached.

Thank you again for your help.

Back to top

7 Mar 12, 2016 20:16

@josephdp I'm sorry for the delay.

Let's put this straight, I'm unable to reproduce your issue and even to figure out what's going on with your site :(. Maybe it's easier and faster if you send temporary FTP and back-office access for me to take a direct look.

If you would like to do so, please send me the credentials by private message and I'll get back to you ASAP.

Thank you.

Back to top

8 Mar 14, 2016 08:09

@mgsolipa

No worries about any delay. b2evolution is true community open source, and I am thankful for any assistance or guidance.

I don't have ftp setup on the host machine as yet. Also, the backoffice can not be reached via https [SSL] as with conf/_basic_config.php hardcoded as follows, admin.php can not be reached as browsers give the error "too many redirects":

$baseurl = 'https://fortuna.macminicolo.net/';

With conf/_basic_config.php set to find the base URL programmatically, as follow, admin.php shows without any skin, and is fair well unusable. 

if( isset($_SERVER['HTTP_HOST']) )
{       // This only works if HOSt provided by webserver (i-e DOES NOT WORK IN PHP CLI MODE)
        $baseurl = ( (isset($_SERVER['HTTPS']) && ( $_SERVER['HTTPS'] != 'off' ) ) ?'https://':'http://')
                                                        .$_SERVER['HTTP_HOST'].'/';
}

As the host machine is a Mac, I am using screen sharing to get into admin.php as localhost from within the machine. A crude workaround for now, but it does allow me to use the backoffice. I just comment out the hardcoded base URL to do so.

I have some other obligations for the next few days, but I'll figure something out and get back to you.

Thank you again for all of your help.

Back to top

9 Mar 21, 2016 23:57

@josephdp seems to be an issue with reverse proxy or something like that. I already sent you a PM.

Back to top

10 Mar 22, 2016 02:31

Thank you very. very much @mgsolipa - once again, b2evolution shows the superiority of its community support.

Back to top


Form is loading...