Issue http/https

[sKoop]

Hi guys.. i am not very sure where to post about this issue but im giving a try and hope to get some ideeas where this might come maybe.

So i have a small website with a members database.. the website itself it has SSL and works properly on a https connection. The problem comes when a member tries to access via http. Unfortunetaly on a page i have to keep it http due to some ads that i display there and dont work on https.

If a member logs in and surfs the website via https everything is working perfectly.. but when he changes and tries to access via http he automatically gets logged out.. if he tries to login via http he also cant and gets an error with an invalid token.

So basically i think my database cant connect when accessed by http..

Any of you ever encountered this issue ? Or maybe have some ideeas where this issue is coming from ?

 

Thanks and any ideea or help very appreciated

[gw1500se]

You probably want to do a redirect from http to https. While this can be done in PHP (not recommended) is it better to do it with httpd controls. Assuming you are running Apache make sure you have the rewrite module loaded. Look for this line in your httpd.conf file:

LoadModule rewrite_module modules/mod_rewrite.so

If it is not there, add it. Then create the following '.htaccess' file in the directory that contains the pages you want to protect:
 

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

Restart httpd and you should be good to go.

[requinix]

4 hours ago, sKoop said:

Unfortunetaly on a page i have to keep it http due to some ads that i display there and dont work on https.

You need to address this. Everything should be HTTPS nowadays and there is no good reason why anything should not be. Especially when it comes to content like advertising - that needs to be served in a secure way.

I cannot believe there is no way to get those ads working over HTTPS. Check their documentation, complain to support, whatever.