Announcement

Collapse
No announcement yet.

How to enable HTTPS in KVS tube script

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to enable HTTPS in KVS tube script

    Here are some important notes and prerequisites before you start
    1. In order to use HTTPS on your site you should purchase SSL certificates for your domain and all subdomains you are using with KVS project. This includes all remote storage servers as well, since any files loaded on your project, including video files should be served via HTTPS to get the full coverage.
    2. HTTPS may produce additional load on your server because of additional layer of traffic encryption.
    3. If you are using Nginx, HTTPS should be configured at Nginx level. Nginx serves static files and they need to be served via HTTPS as well.
    4. All 3rd-party scripts and advertising you are using should support HTTPS as well, otherwise they will trigger warnings in browsers and will distract your users.

    How to enable HTTPS in KVS tube script

    1) Configure HTTPS for domain and all subdomains you are using for KVS project. This should be done at Nginx level for projects that work via Nginx. Test how HTTPS works:
    https://yourdomain.com/robots.txt
    https://www.yourdomain.com/robots.txt (if your project works under www)

    If you are using CDN or remote storage servers, check how HTTPS works for all of them.

    NOTE: configuring HTTPS at server level is not covered by this guide. Please refer to Nginx / Apache official documentation on this.

    2) In admin panel go to Settings -> Storage servers and for each storage server modify URL field to point to https://, e.g.:
    Code:
    https://yourdomain.com/contents/videos
    Check your frontend if videos and albums are displayed correctly. At this point they should be served via HTTPS, while your site is still working under HTTP.

    3) Go to Website UI -> Search in templates and search contents for http:// text. You should only get a set of Sitemap related page and blocks. If you have other usages of http:// to refer static files or advertising, you should either fix them to https:// or stop using them. Once your site will be switched to HTTPS every image, CSS or JS file loaded via http:// will trigger browser warning, this is not what you need.

    NOTE: using http:// in sitemap is not a problem, as sitemap doesn't use any static resources, like images or styles. Using http:// in links is also legal and will not be an issue (e.g. <a href="http://xxxxx">Link</a>).

    NOTE: instead of using http:// or https:// implicitly you can omit protocol and specify only //. This will force browser to automatically decide whether to load this resource via HTTPS or HTTP, for example:
    Code:
    <script src="//www.google.com/recaptcha/api.js"></script>
    4) Go to Website UI -> Advertisements and check all your ads to be loaded via https:// or // (please see the note above).

    5) In /admin/include/setup.php change all URLs to https://. In most cases you only need to change this setting:
    Code:
    $config['project_url']="https://www.kvs-demo.com";
    However there can be other settings referring direct URLs as well. So search the whole file for http:// and change all usages to https://.

    NOTE: KVS will reset all cache after you change project URL. If you have much traffic on your site, your server may be overloaded for some time until the new cache is populated.

    6) In main .htaccess file change all URLs to https:// as well. In most cases you will only have this line:
    Code:
    RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
    7) Open your site via HTTPS protocol and make sure that everything is displayed correctly. Starting from this point your site will fully work on HTTPS.

    8) It is recommended to configure 301 redirect for all HTTP requests to HTTPS so that there is no duplicate content available under different protocols. This redirect should be set globally in Nginx configuration (or Apache configuration if your server is not running under Nginx).

    NOTE: configuring redirect at server level is not covered by this guide.


    Troubleshooting

    1) Design is not displayed properly when using HTTPS. Most probably you didn't switch all static resources to be loaded via https://. Open source code of your page and search for http:// text. Once you located the URL of static resource referred by http://, go to Website UI -> Search in templates in admin panel and try searching for template which renders this URL. Fix to https://.

    2) On some pages browser shows insecure warning. This problem is caused by the same issue as above. Some parts of your page are trying to use resources via insecure HTTP protocol and that's why browser shows the warning.
Working...
X