I'm using Charles Proxy to rewrite code on website, just for testing a client's site.
Rewriting works on every website, except from sites on https.
Charles has the option to choose the protocol (http or https), but that doesn't work either.
Every rewrite works well on http, not on https.
What am I doing wrong?!
it is best to add a site as *
that way all https sites will show in charles.
when adding the site simply put * instead of domain.com
Double check that the Enable SSL Proxy is ticked and that you have entered the domain in the Proxy > Proxy Settings > SSL section.
Related
I am trying to get SSL working on a Windows server that is hosting our Umbraco sites. We have numerous sites all working within the same Umbraco installation and I have done the binding of the main domain to the SSL certificate on the server and set umbracoUseSSL to true. I have also added the domain with the https part to the culture and hostnames in umbraco.
The above is not working when I type my domain with the https?
My question is since I have not placed a UrlReWrite redirect from http to https is this the reason why I cannot see my website with the https or is it to do with something else?
When I pass an URL to load a website, say, http://yoururl.com, it redirects to https://yoururl.com
I mean, passing an URL with HTTP automatically redirects as https://yoururl.com in the browser URL.
#driver.get("http://yoururl.com")
Browser used: Chrome
Is there a way to stop redirecting the HTTP url as HTTPS?
The Chrome 63 and above versions will no longer take HTTP with domain .dev since you are in the local/dev environment.
https://iyware.com/dont-use-dev-for-development/
Chrome 63 (out since December 2017), will force all domains ending on
.dev (and .foo) to be redirected to HTTPS via a preloaded HTTP Strict
Transport Security (HSTS) header
https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/
There are couple of reasons this would happen.
Redirection at load balancer or reverse proxy level.
This can be fixed by altering web server or LB configuration.
As browsers getting smarter everyday, when you open an https url is browser then next time if you even want to open http url it'll by default go to https because browser already knows that the site supports https as well. So it'll prefer to use secured communication rather text when it is available.
Here is some help for second case https://superuser.com/questions/565409/chrome-how-to-stop-redirect-from-http-to-https
Is there a way on a Google Search Appliance to enable optional https?
Under settings, under the heading Force secure connections when serving the options are:
No.
Use HTTPS when serving secure results, but not when serving public results.
Use HTTPS when serving both public and secure results.
I don't want to Force secure connections though, I want them to be optional.
ie, if someone requests the site as HTTP it serves as HTTP and if they request it as HTTPS it serves as HTTPS.
If I choose the 1st or 2nd options it accepts connections on HTTPS but immediately redirects to HTTP (ie, it forces HTTP). And the 3rd option forces HTTPS.
Is there any other settings that would enable it to accept HTTPS optionally?
You must install a valid ssl certificate or create a self-signed certificate. (Administration->SSL Settings)
In SSL Settings->Other Settings->"Force secure connections when serving?" you must select either: 'a' or 'b'
a. "Use HTTPS when serving secure results, but not when serving public
results."
b. "Use HTTPS when serving both public and secure results."
Unless all requests are coming from https, chances are you will select 'a'.
If 'b' is selected, you will receive an "unknown error" if sending query over standard http.
Now here's the major caveat:
Your observation that https still redirects to http, even with 'a' selected, is correct. The only method that I am aware of to force SSL when serving results with option 'a' is to send the additional 'access' query parameter '&access=a'
'a'=all
'p'=public (default)
https://www.google.com/support/enterprise/static/gsa/docs/admin/72/gsa_doc_set/xml_reference/request_format.html#1087053
BEWARNED: Depending on how your GSA is configured, there may be privacy implications if your organization maintains public collections containing private urls requiring authentication. URLS that require auth will be served right along with the rest of your results.
Changing the settings you mention to "No" will cause the GSA to use whatever protocol you started the experience with to be used.
Choosing the other options will cause the GSA to switch protocols.
Edit - It looks like this not possible. It doesn't matter what you request, the GSA will redirect based on the config.
If you create an SSL certificate for your GSA's host name and install the valid SSL certificate then it should serve results on port 443 (HTTPS) correctly.
i.e. if your GSA is "search.mydomain.com" then create a properly signed SSL certificate in that name and install to the GSA.
Typically this works without a certificate but the browser will show a warning message due to no SSL certificate / invalid SSL certificate.
I've pushed my website's DNS through Cloudflare and is now experiencing redirect loops when accessing admin and checkout pages.
The redirect is - http://postimg.org/image/ehq0kjcw1/
My Magento setup
Community 1.9
Cache management has been disabled
Index management has also disabled
Clear all cache
I've followed every steps (except step 4 about restoring visitor IP) mentioned in Cloudflare's article, but I am still having the redirect loop problem. Here are my cloudflare page rules.
This redirect loop problem occurs with or without Cloudflare flexible SSL turned on.
Does anyone has any idea?
If your server supports SSL, you should generally use Full SSL instead of flexible:
https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-Off-Flexible-SSL-Full-SSL-Full-SSL-Strict-mean-
This ensures you don't have any weird redirect logic taking place with CloudFlare, since Flexible SSL redirects HTTPS requests to HTTP at the backend.
You could get a redirect loop by having conflicting redirects on your server and/or with PageRules.
Example:
You have one redirect saying send domain.com to www.domain.com, then you have another redirect saying send www.domain.com to domain.com.
If you have access to terminal on your computer, then try running this command to see what is returned in the location field on the URL the error happens on:
curl -v http://yourdomain.com (replace with the actual URL).
I have gotten an excellent and simple answer from Cloudflare support.
I just need to simply use Full SSL instead of Flexible SSL.
Printscreen - http://i.stack.imgur.com/FWl0Y.png
I think my Magento has a secure base URL defined and it tries and redirects to HTTPS when I access a secure page.
I'm trying to redirect all https traffic to http using this in Sinatra
get "*" do
if request.secure?
redirect request.url.gsub(/^https/, "http")
else
pass # continue execution
end
end
However, on a custom domain on heroku, my browser shows me the error:
This is probably not the site you are looking for!
You attempted to reach www.[domain].com, but instead you actually reached a server identifying itself as *.heroku.com.
My DNS is configured with the www subdomain having a CNAME pointing to [domain].herokuapp.com as per https://devcenter.heroku.com/articles/custom-domains
Is this a DNS issue? Is buying a SSL certificate the only way to allow all https traffic to redirect to http, on heroku?
If you were going to use that code then I'd make it a before filter, as that's really what it is.
However, if you've received a request at the application layer (which is where your Sinatra app sits on Heroku) then you need a certificate because the HTTP layer (where the Nginx proxy servers that deal with this sit) has already received the request and will attempt to deal with it as a secure connection but fail/raise an error because there's no certificate. That is the message you'll get if you try and reach an non SSL page/site via the https URI scheme. You can still access the site but the user has to click past a scary warning.
The only way I know of that may work without a certificate (but looking at this answer probably not) is if you had access to the Nginx configuration and did the rewrite of the URL (and probably some headers) there.