Setting up SSL in CMS Made Simple

  Previous article Next article  

Setting up SSL in CMS Made Simple

  Article optimized for CMSMS 2.x

  Author:
  Last tested in: CMSMS 2.1.6
  Last updated: 20-01-2017
  Comments: 1

SSL (Secure Sockets Layer) is a cryptographic protocol that provide communications security over the internet. Let's Encrypt SSL provides free SSL certificates, when your host provides popular control panels like cPanel or Plesk the installation is very easy.

Issue a new certificate in your control panel for your domain. A new key and certificate will be added to the servers SSL/TLS manager.

  How to use

Change (or add) in your CMS Made Simple™ config.php file the URL settings.

$config['root_url'] = 'https://www.website.com';
$config['admin_url'] = 'https://www.website.com/admin';

At this point your website will use a secure https connection. But you might have to do some checks...


1. CDN urls for i.e. jQuery or Font Awesome libraries need to use https:// instead of http://.
Even better don't use any http(s): at all, because this works in both cases:

<script src="//code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>

Don't forget to check your CMSMS™ stylesheets for external URLs!

Tip: Use The AdminSearch module to search in all content and templates for src="http://


2. Hardcoded URLs at your site needs to be changed so they use https:// in internal links and image paths.


3. Redirect all incoming URLs to use https://

In the /docs folder from your CMS Made Simple install you will find a extended default .htaccess file, named htaccess.txt. If you don't use a .htaccess file in your website root already, copy this file there and rename it to .htaccess.

Prefered https://www.website.com

#
# The following is to enable pretty URLs, only applicable if url_rewriting is set to 'mod_rewrite' in the config.php
#
<IfModule rewrite_module>
  RewriteEngine on
  # If your CMSMS installation is in a subdirectory of your domain, you need to specify the relative path (from the root of the domain) here.
  # In example: RewriteBase /[subdirectory name]
  RewriteBase /

# +++++ ADD THIS - START +++++
  # Link to http(s)://website... then redirect to https://www.website...
  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

  # Force URLs have https instead of http
  RewriteCond %{HTTPS} off
  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# +++++ ADD THIS - END +++++

# Rewrites URLs in the form of /parent/child/grandchild but only rewrites if the requested URL is not a file or directory.
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.+)$ index.php?page=$1 [QSA]
</IfModule>

Prefered https://website.com

#
# The following is to enable pretty URLs, only applicable if url_rewriting is set to 'mod_rewrite' in the config.php
#
<IfModule rewrite_module>
  RewriteEngine on
  # If your CMSMS installation is in a subdirectory of your domain, you need to specify the relative path (from the root of the domain) here.
  # In example: RewriteBase /[subdirectory name]
  RewriteBase /

# +++++ ADD THIS - START +++++
  # Link to http(s)://www.website.com then redirect to https://website.com
  RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
  RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

  # Force URLs have https instead of http
  RewriteCond %{HTTPS} off
  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# ++++++ ADD THIS - END +++++

# Rewrites URLs in the form of /parent/child/grandchild but only rewrites if the requested URL is not a file or directory.
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.+)$ index.php?page=$1 [QSA]
</IfModule>

To test it you probably need to clear the browser cache first.
I noticed it sometimes needs some time to let it all work... Doesn't it work at once for you, give it a few hours and try again later.


A2 Webhosting CMS Made Simple

  Working example



A2 Webhosting CMS Made Simple

  Comments

  Click here to leave a comment






This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)
  « Enter the CAPTCHA code (lower case)

Your IP address will be stored on submit. I reserve the right to change or delete your response without notice!
In case of abuse your IP address will be blocked!


Can I have your attention for a moment?

Did this tutorial help you solving a problem at your (clients) website and it saved you many hours of work? Great!!
Consider buying Rolf a cup of coffee in return! [ Click here ]


  1 Comment

CMS Made Simple 2.1.6 - Tutorials, tips and tricks - CMSMS 2.1.6

Setting up SSL in CMS Made Simple

  Article optimized for CMSMS 2.x

  Author:
  Last tested in: CMSMS 2.1.6
  Last updated: 20-01-2017
  Comments: 1

A2 Webhosting CMS Made Simple