Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:web:web-hosting:web-management:certificat-ssl [2016/05/30 17:45]
dedibox ↷ Links adapted because of a move operation
en:web:web-hosting:web-management:certificat-ssl [2018/08/10 13:12] (current)
dedibox [HTTPS with Wordpress]
Line 1: Line 1:
-====== HTTPS on cloud/web hostings ======+====== HTTPS on cloud and web hostings ====== 
 + 
 +<note tip>  
 +**Requirements:​** 
 +  * You have an account at [[https://​console.online.net|console.online.net]]\\ 
 +  * You have a web or cloud hosting 
 +</​note>​
  
 {{en:​web:​web-hosting:​web-management:​https-twitter-lien-raccourci.jpg|}} {{en:​web:​web-hosting:​web-management:​https-twitter-lien-raccourci.jpg|}}
  
-Online.net proposes now the usage of HTTPS on its cloud hostings ​by default. ​+Online.net proposes now the usage of HTTPS on all its web and cloud hosting offers ​by default. ​
  
-HTTPS allows to securize ​the exchanges between the client (visitor of your site) and the server (our platform)\\+HTTPS allows to secure ​the exchanges between the client (visitor of your site) and the server (our platform)\\
 It usually preferred for online shops, but HTTPS becomes more and more a standard on the web. \\ It usually preferred for online shops, but HTTPS becomes more and more a standard on the web. \\
  
  
-The certificate is automatically managed by [[https://​letsencrypt.org/​|[[{{:en:​web:​web-hosting:​cloud-management:​letsencrypt-logo-horizontal.png?​100|}}]]\\+The certificate is automatically managed by [[https://​letsencrypt.org/​|{{en:​web:​web-hosting:​web-management:​letsencrypt-logo-horizontal.png?​100|}}]]\\
  
-It is a new iniative ​that allows to generate SSL certificates that are known by all browsers and it is free. +It is a new initiative ​that allows to generate SSL certificates that are known by all browsers and it is free.
- +
-<​note>​ +
-SSL is only compatible with OS/browsers that support SNI (https://​en.wikipedia.org/​wiki/​Server_Name_Indication). +
-This means that the following clients can't connect to sites hosted in HTTPS: +
-  * Windows XP (IE6/IE7) +
-  * Android 2.x +
-  * Versions below iOS 4 (iPhone) +
-</​note>​+
  
 ===== Conditions ===== ===== Conditions =====
-    - You have a ESSENTIAL ​or PERFORMANCE ​cloud hosting +    - You have a web or cloud hosting ​at Online.net 
-    - You have configured a DNS record pointing to pfXXX.mutu-perf.online.net ​[212.47.231.228( A record for the domain and an A or CNAME record for each subdomain (or A * / CNAME *)+    - You have configured a <​nowiki>​DNS</​nowiki> ​record pointing to your platform: 
 + 
 +  * WEB HOSTING : pfXX-web.online.net **62.210.16.61** or **62.210.16.62** 
 +  * CLOUD HOSTING : pfXXX.mutu-perf.online.net ​**212.47.231.228** ( A record for the domain and an A or CNAME record for each subdomain (or A * / CNAME *)
  
 ===== How does it work? ===== ===== How does it work? =====
Line 29: Line 30:
 Upon the creation of a subdomain or at each addition of an alias / linked domain a certificate is generated. ​ Upon the creation of a subdomain or at each addition of an alias / linked domain a certificate is generated. ​
  
-The site is then accessible via http://​www.domain.tld or https://​www.domain.tld+The site is then accessible via <​nowiki>​http://​www.domain.tld</​nowiki> ​or <​nowiki>​https://​www.domain.tld</​nowiki>​ 
 + 
 +<note tip>SSL is enabled by default for all **WEB** and **CLOUD** hostings and does not require configuration from your side.</​note>​ 
 + 
 +<​note>​ 
 +SSL is only compatible with <​nowiki>​OS</​nowiki>/​browsers that support SNI (https://​en.wikipedia.org/​wiki/​Server_Name_Indication). 
 +This means that the following clients can't connect to sites hosted in HTTPS: 
 +  * Windows XP (IE6/IE7) 
 +  * Android 2.x 
 +  * Versions below iOS 4 (iPhone) 
 +</​note>​
  
 ===== How to force HTTPS for the whole site ===== ===== How to force HTTPS for the whole site =====
-To force a site to accept SSL, such as a CMS, simply add the .htaccess file the following code:+To force a site to accept SSL, such as a <​nowiki>​CMS</​nowiki>​, simply add the following code to the .htaccess file:
  RewriteEngine On  RewriteEngine On
  RewriteCond %{HTTP:​HTTPS} !on  RewriteCond %{HTTP:​HTTPS} !on
Line 45: Line 56:
 ===== Error messages ===== ===== Error messages =====
  
-There are two types of errors ​that may occour.+==== The Mixed Content issue ==== 
 + 
 +When using HTTPS, it needs to be used everywhere.\\ 
 +It means that all the loaded elements on the webpage (pictures, CSS, <​nowiki>​JavaScripts</​nowiki>​) have to be loaded through HTTPS as well. 
 + 
 +A website that loads for example <​nowiki>​JavaScript</​nowiki>​ scripts or external images by http, will display a https alert in the browser (e.g.: "non Secure Content"​). 
 + 
 +In some cases it could not display it (Chrome did that in some cases).
  
 ==== Insecure connection ==== ==== Insecure connection ====
Line 51: Line 69:
 {{:​en:​web:​web-hosting:​cloud-management:​selection_008.png?​500|}} {{:​en:​web:​web-hosting:​cloud-management:​selection_008.png?​500|}}
  
-This may happen for example if the subdomain ​does not exist in the certificate. ​+This may happen for example if the sub-domain ​does not exist in the certificate. ​
  
-In this case, you need to add the subdomain ​in the console, or if it exists already to add/deltete ​it - or to create another ​subdomain ​(this will force the regeneration of the certificate) ​+In this case, you need to add the sub-domain ​in the console, or if it exists already to add/delete ​it - or to create another ​sub-domain ​(this will force the regeneration of the certificate) ​
  
 ==== Connection error ==== ==== Connection error ====
Line 60: Line 78:
  
 This means there is no certificate for this domain. ​ This means there is no certificate for this domain. ​
-You need to verify the DNS records and force the regeneration by creating a subdomain+You need to verify the <​nowiki>​DNS</​nowiki> ​records and force the regeneration by creating a sub-domain
  
 +==== HTTPS with Wordpress ====
  
-==== Notes==== ​+When using Wordpress, you may encounter **Too many redirections** errors in your web browser.
  
-When using https, it needs to be used everywhere.+This can be fixed by installing the [[https://​wordpress.org/​plugins/​really-simple-ssl/​|Really Simple HTTPS]] plugin.
  
-For example a site that loads for example ​<​nowiki>​JavaScript</​nowiki> ​scripts or external images by httpwill display ​https alert in the browser (style "non Secure Content"​).+Make sure that your <​nowiki>​DNS</​nowiki> ​zone is configured to the correct hosting platformdepending on if you are using **Cloud** or **Web** hosting
  
-In some cases it could not display it (Chrome did that in some cases).+When using the plugin, make sure that the following lines are **not** present ​in your ''​*.htaccess''​ file:  
 + 
 +<​code>​ 
 +RewriteEngine On 
 +RewriteCond %{HTTP:​HTTPS} !on 
 +RewriteRule (.*) https://​%{SERVER_NAME}/​$1 [QSA,​L,​R=301] 
 +</​code>​
  
 +<note tip>If you have installed Wordpress according to the Wordpress documentation,​ simply replace in the table (prefix)_options the siteurl and home entries from https to http before installing the aforementioned plugin.</​note>​