I wanted to change my site from http
to https
. Always.
So I configured my apache accordingly. Now when I enter the URL of my site (https://steamnet.de) it loads the index site fine but none of the referenced elements (CSS, images etc.)
It seems to me that it does so because the base href
is set to http://steamnet.de/
and thous does not use https
there. I have configured my firefox that it should not load mixed content.
So how can I tell Joomla to set the base href
to https://steamnet.de
(or otherwise make the site fully ssl
?)
I tried to set the global ssl enforce element of joomla configuration ("SSL erzwingen" in german, $force_ssl
in configuration.php
) to "everything" but then the site breaks with infinite 303
error redirecting to itself. (As an afterthought: I was surprised to find a 303
instead of 301
here. If someone could explain that I would be grateful)
(Laoneo suggested some solutions, that did not work out, for completeness here is the list)
$live_site
to the https
url.$sef
and $sef_rewrite
helps.The apache logs:
access.log
91.42.221.000 - - [03/Nov/2013:12:41:25 +0100] "GET / HTTP/1.1" 303 4854 "-" "Mozilla/5.0 (Gecko) Firefox/64"
91.42.221.000 - - [03/Nov/2013:12:41:25 +0100] "GET / HTTP/1.1" 303 516 "-" "Mozilla/5.0 (Gecko) Firefox/64"
91.42.221.000 - - [03/Nov/2013:12:41:25 +0100] "GET / HTTP/1.1" 303 516 "-" "Mozilla/5.0 (Gecko) Firefox/64"
error.log
contains nothing on access, but the following lines on reload
[Sun Nov 03 12:41:16 2013] [notice] Graceful restart requested, doing restart
[Sun Nov 03 12:41:16 2013] [error] (9)Bad file descriptor: apr_socket_accept: (client socket)
[Sun Nov 03 12:41:17 2013] [warn] RSA server certificate CommonName (CN) `Angelo Neuschitzer' does NOT match server name!?
[Sun Nov 03 12:41:17 2013] [notice] Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze17 with Suhosin-Patch proxy_html/3.0.1 mod_ssl/2.2.16 OpenSSL/0.9.8o configured -- resuming normal operations
I'm sorry, but I don't think the current answer is really correct. This answer promotes a hack and goes around the problem. The next time you update Joomla, you'll have to update the core file, because it is going to be overriden.
Actually if we look in the code for JURI in getInstance we can see this:
// Determine if the request was over SSL (HTTPS).
if (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) != 'off'))
{
$https = 's://';
}
else
{
$https = '://';
}
The question is why are there servers where $_SERVER['HTTPS'] is obviously not initialized. Although I can't tell you why, what I found out to work is adding this lines to the .htaccess file at the begining:
<IfModule mod_env.c>
SetEnv HTTPS on
</IfModule>
By doing this $_SERVER['HTTPS'] seems to be initialised and Juri::current will return what we expect - an url starting with https.