Simple question about https

Simple question about https

by curt bixel -
Number of replies: 3

I am trying to increase the security of my moodle installation.  I am running 2.9 on a server at cloudways.  I have 3 steps I need to do:

  1. Upgrade to moodle 3.4
  2. Move the "moodledata" folder out of the public_html and into the private_html folder.
  3. get encryption up and running.  the whole https:// thing instead of just http://
I think I have number 1 and 2 pretty much figured out.

For the encryption, I now have an SSL certificate, and can even get the site running fine, but as soon as I add a redirect to the .htaccess file, it breaks all the formatting on my page.

Below is the redirect.  It is currently commented out, and my site runs fine.  As soon as I get rid of the # things, then the site loads, but the formatting is all funky.  Any ideas?

#RewriteEngine On
#RewriteCond %{HTTP:X-Forwarded-Proto} !https
#RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]



Average of ratings: -
In reply to curt bixel

Re: Simple question about https

by Rick Jerz -
Picture of Particularly helpful Moodlers Picture of Testers

I am not an expert on these matters.

When you switched to https, did you edit your Moodle's config.php file and also make the change to https?

Average of ratings: -
In reply to curt bixel

Re: Simple question about https

by Ken Task -
Picture of Particularly helpful Moodlers

First make sure you have a backup of database ... sql dump.

In moodle, the wwwroot variable in config.php has been used .... as it always has been, you just didn't know it ... to build internal links to the moodle.   All those links are still http://.

So the one thing you've not done can be done via http://site/admin/tool/httpsreplace/

Once that is done, may as well remove/erase any sql dumps you have ... all of them have http:// ... and then make one more backup.  Now the backup is current and has https:// in the data.

'spirit of sharing', Ken

Average of ratings: -