We're aware that embedded non-SSL videos will be blocked by browsers, but is there anything else we should be letting people know about?
Can anyone give us some hints on things to look out for when moving a server to full HTTPS? We'll be rewriting incoming links to HTTPS, so that should be OK, but I'm trying to understand what effect it may have on existing content.
We're aware that embedded non-SSL videos will be blocked by browsers, but is there anything else we should be letting people know about?
We're aware that embedded non-SSL videos will be blocked by browsers, but is there anything else we should be letting people know about?
You'll need to change existing internal links (use the inbuilt functionality: https://docs.moodle.org/33/en/Search_and_replace_tool).
Change the $CFG-> wwwroot in config.php
Run the Search & Replace tool
Change any hard links in your courses to use HTTPS.
Ensure you have your web server (or use htaccess) to force HTTPS, so it'll automatically redirect non-HTTPS requests to HTTPS.
When we switched over, we also had some issues with http embeds in SCORM packages. The search and replace tool won't catch anything inside something like that. If you have any of those types of activities, you will need to go through and check for things like an embedded youtube video that uses http, or other assets or javascript libraries that are hardcoded to use http rather than just a relative path.
Has anyone used this tool recently?
https://github.com/moodlerooms/moodle-tool_httpsreplace
We are running version 3.2 and so far I have not been able to get the script to generate a report which I believe it is supposed to do. The script starts running as I can see the queries running when I trigger it (both through the web interface and I have also tried CLI) and then it seems to just stop, with no PHP errors being generated. The only thing I can think of is that we do not have slash arguments on and we have a custom proxypassmatch in httpd.conf due to using PHP-FPM.
oh.. and we are running load balanced farm with F5. Thinking that shouldn't affect anything though...
EDIT .. turns out I am getting errors.. HAH
[proxy_fcgi:error] : failed to make connection to backend: httpd-UDS
[proxy:error] (111)Connection refused: AH02454: FCGI: attempt to connect to Unix domain socket /var/opt/rh/rh-php56/run/php-fpm/php-fpm.sock failed
.. actually not even sure if these errors are related to attempting to run the script now since I have stopped the process but those same errors are being generated. Odd.
UPDATE - errors were generating from something else, httpsreplace script ran fine on our 3.2 version and provided a report of problematic domains. Now to test the fix!!