I don't get ot. What is your question? Do you or don't you have a secure hosting site and do you or don't you want to run it secure?

Good luck

I would imagine (i may be wrong), that you would only really need the admin part of b2e to be accessed from a secure login, and not the blogs themselves...???

The post you linked would appear to be the answer you need?

¥

I did wonder, just with it being an old post for an earlier version... thought I would check, but I should have just been a bit braver!! typical n00b behaviour fear of the unknown!!!

Will give it a go and see...

I would have assumed that this would be the way most installs would be achieved, http access for visiting, and htps for admin... but then I suppose not everyone has https accessibility...

Thanks for yu patientce :D

Can I assume then... that to do this

Use a https-URL for $htsrv_url. 

E.g. in /conf/_advanced.php set $htsrv_url to: 
Code: 
$htsrv_url = 'https://'.substr( $baseurl, 7 ).$htsrv_subdir; // cut off "http://" from $baseurl 

or just 
Code: 
$htsrv_url = 'https://example.com/htsrv/'; 

I would simply instal b2e to http dir, then move the htsrv dir to a https locaiton, then re-reference the above to point to it??

lol.. there I go agian..be brave.. Ill give it a go a see what happens!!

Looks like this coule be quite messy.. may have to rereference quite a bit of the script to get it working, links on pages are pointing back to the wrong locaitons....

How do people generally install this, all to https?? surely you wouldnt want to install the whole script to a non secure dir???

drweb wrote:

Looks like this coule be quite messy.. may have to rereference quite a bit of the script to get it working, links on pages are pointing back to the wrong locaitons....

How do people generally install this, all to https?? surely you wouldnt want to install the whole script to a non secure dir???

I am very far from expert (or even intermediate) on these matters and administer my server via the hand-holding Plesk control panel. But Plesk gave me the option to server https out of the same directory as http. I had to chose that config for the domain to make secure log-in work as per the instructions in http://forums.b2evolution.net//viewtopic.php?t=9135. And it does work, without any rewriting of scripts.

hth,

kazar

I have the latest version 2.4.0/RC2.

I tried the "security" coding but it didn't seem to work in the file mentioned or with htaccess. Any suggestions?

One message that I received was "Error code: 12263" when I changed the advanced.php file.