OFBiz OFBiz - Dev

"Not Secure" in the Google Chrome browser

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
17 messages Options
Ashish Vijaywargiya-4
Reply | Threaded
Open this post in threaded view
|

"Not Secure" in the Google Chrome browser

Ashish Vijaywargiya-4
Hello Team,

I think we should put some effort and make it work like if some user hits
http://ofbiz.apache.org(default port http) then the user is redirected to
https://ofbiz.apache.org(Secure port https)

For now, the user sees a message "Not Secure" in the Google Chrome browser
URL if the user comes to the official ofbiz website. This message can
confuse the end user and he can move away if he is the new user visiting
the project website.

This issue can be easily addressed by setting up the apache redirects. This
change will also help the project URLs from SEO point of view.

Please share your thoughts then we can plan the things accordingly.
Thanks!

--
Kind Regards
Ashish Vijaywargiya
HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
jsmith_dev
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

jsmith_dev
Can you please leave it in the state 'enabled'

I will manually trigger another backup once you have completed this.

On Sun, Sep 30, 2018 at 3:01 PM Ashish Vijaywargiya <
[hidden email]> wrote:

> Hello Team,
>
> I think we should put some effort and make it work like if some user hits
> http://ofbiz.apache.org(default port http) then the user is redirected to
> https://ofbiz.apache.org(Secure port https)
>
> For now, the user sees a message "Not Secure" in the Google Chrome browser
> URL if the user comes to the official ofbiz website. This message can
> confuse the end user and he can move away if he is the new user visiting
> the project website.
>
> This issue can be easily addressed by setting up the apache redirects. This
> change will also help the project URLs from SEO point of view.
>
> Please share your thoughts then we can plan the things accordingly.
> Thanks!
>
> --
> Kind Regards
> Ashish Vijaywargiya
> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>
taher
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

taher
In reply to this post by Ashish Vijaywargiya-4
+1

I'm not sure any effort is needed from our side? We just need to coordinate
with infra right?

On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
[hidden email]> wrote:

> Hello Team,
>
> I think we should put some effort and make it work like if some user hits
> http://ofbiz.apache.org(default port http) then the user is redirected to
> https://ofbiz.apache.org(Secure port https)
>
> For now, the user sees a message "Not Secure" in the Google Chrome browser
> URL if the user comes to the official ofbiz website. This message can
> confuse the end user and he can move away if he is the new user visiting
> the project website.
>
> This issue can be easily addressed by setting up the apache redirects. This
> change will also help the project URLs from SEO point of view.
>
> Please share your thoughts then we can plan the things accordingly.
> Thanks!
>
> --
> Kind Regards
> Ashish Vijaywargiya
> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>
jsmith_dev
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

jsmith_dev
In reply to this post by jsmith_dev
Ooops - wrong email thread (silly me) Sorry all.

On Sun, Sep 30, 2018 at 4:00 PM Julian Smith <[hidden email]>
wrote:

> Can you please leave it in the state 'enabled'
>
> I will manually trigger another backup once you have completed this.
>
> On Sun, Sep 30, 2018 at 3:01 PM Ashish Vijaywargiya <
> [hidden email]> wrote:
>
>> Hello Team,
>>
>> I think we should put some effort and make it work like if some user hits
>> http://ofbiz.apache.org(default port http) then the user is redirected to
>> https://ofbiz.apache.org(Secure port https)
>>
>> For now, the user sees a message "Not Secure" in the Google Chrome browser
>> URL if the user comes to the official ofbiz website. This message can
>> confuse the end user and he can move away if he is the new user visiting
>> the project website.
>>
>> This issue can be easily addressed by setting up the apache redirects.
>> This
>> change will also help the project URLs from SEO point of view.
>>
>> Please share your thoughts then we can plan the things accordingly.
>> Thanks!
>>
>> --
>> Kind Regards
>> Ashish Vijaywargiya
>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>
>
Swapnil Mane
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Swapnil Mane
In reply to this post by Ashish Vijaywargiya-4
+1


- Best Regard,
Swapnil

On Sun, Sep 30, 2018 at 10:31 AM Ashish Vijaywargiya <
[hidden email]> wrote:

> Hello Team,
>
> I think we should put some effort and make it work like if some user hits
> http://ofbiz.apache.org(default port http) then the user is redirected to
> https://ofbiz.apache.org(Secure port https)
>
> For now, the user sees a message "Not Secure" in the Google Chrome browser
> URL if the user comes to the official ofbiz website. This message can
> confuse the end user and he can move away if he is the new user visiting
> the project website.
>
> This issue can be easily addressed by setting up the apache redirects. This
> change will also help the project URLs from SEO point of view.
>
> Please share your thoughts then we can plan the things accordingly.
> Thanks!
>
> --
> Kind Regards
> Ashish Vijaywargiya
> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>
Jacques Le Roux
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Jacques Le Roux
Administrator
In reply to this post by taher
We can handle it ourselves. It's puppetised. The file is infrastructure-puppet\data\roles\tlpserver.yaml at
https://github.com/apache/infrastructure-puppet.git in origin/deployment branch

OFBiz block is

ofbiz:
     vhost_name: '*'
     port: 80
     servername: 'www.ofbiz.org'
     docroot: '/www/ofbiz.apache.org'
     manage_docroot: false
     serveraliases:
       - 'ofbiz.org'
     serveradmin: '[hidden email]'
     access_log_file: '/x1/logs/weblog.log'
     error_log_file: '/x1/logs/errorlog.log'
     custom_fragment: |
       Redirect permanent / http://ofbiz.apache.org/
       UseCanonicalName On
       RewriteEngine On
       RewriteOptions inherit

       # bigfiles.ofbiz.org
       RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^bigfiles(?:\.\w+)?\.ofbiz\.org$
       RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]

So we should add a ssl block and redirect http block to https as explained at https://wiki.apache.org/httpd/RedirectSSL

We can do a PR for that. Then it's better with an INFRA Jira because it's then seen and prioritised by the Infra team

Jacques


Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :

> +1
>
> I'm not sure any effort is needed from our side? We just need to coordinate
> with infra right?
>
> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
> [hidden email]> wrote:
>
>> Hello Team,
>>
>> I think we should put some effort and make it work like if some user hits
>> http://ofbiz.apache.org(default port http) then the user is redirected to
>> https://ofbiz.apache.org(Secure port https)
>>
>> For now, the user sees a message "Not Secure" in the Google Chrome browser
>> URL if the user comes to the official ofbiz website. This message can
>> confuse the end user and he can move away if he is the new user visiting
>> the project website.
>>
>> This issue can be easily addressed by setting up the apache redirects. This
>> change will also help the project URLs from SEO point of view.
>>
>> Please share your thoughts then we can plan the things accordingly.
>> Thanks!
>>
>> --
>> Kind Regards
>> Ashish Vijaywargiya
>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>

Ashish Vijaywargiya-4
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Ashish Vijaywargiya-4
Thanks, Jacques, Please feel free to get it done and let me know if some
help is required from my side. Thanks!

--
Kind Regards
Ashish Vijaywargiya
HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>



On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
[hidden email]> wrote:

> We can handle it ourselves. It's puppetised. The file is
> infrastructure-puppet\data\roles\tlpserver.yaml at
> https://github.com/apache/infrastructure-puppet.git in origin/deployment
> branch
>
> OFBiz block is
>
> ofbiz:
>      vhost_name: '*'
>      port: 80
>      servername: 'www.ofbiz.org'
>      docroot: '/www/ofbiz.apache.org'
>      manage_docroot: false
>      serveraliases:
>        - 'ofbiz.org'
>      serveradmin: '[hidden email]'
>      access_log_file: '/x1/logs/weblog.log'
>      error_log_file: '/x1/logs/errorlog.log'
>      custom_fragment: |
>        Redirect permanent / http://ofbiz.apache.org/
>        UseCanonicalName On
>        RewriteEngine On
>        RewriteOptions inherit
>
>        # bigfiles.ofbiz.org
>        RewriteCond ${lowercase:%%{}{HTTP_HOST}}
> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>        RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>
> So we should add a ssl block and redirect http block to https as explained
> at https://wiki.apache.org/httpd/RedirectSSL
>
> We can do a PR for that. Then it's better with an INFRA Jira because it's
> then seen and prioritised by the Infra team
>
> Jacques
>
>
> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
> > +1
> >
> > I'm not sure any effort is needed from our side? We just need to
> coordinate
> > with infra right?
> >
> > On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
> > [hidden email]> wrote:
> >
> >> Hello Team,
> >>
> >> I think we should put some effort and make it work like if some user
> hits
> >> http://ofbiz.apache.org(default port http) then the user is redirected
> to
> >> https://ofbiz.apache.org(Secure port https)
> >>
> >> For now, the user sees a message "Not Secure" in the Google Chrome
> browser
> >> URL if the user comes to the official ofbiz website. This message can
> >> confuse the end user and he can move away if he is the new user visiting
> >> the project website.
> >>
> >> This issue can be easily addressed by setting up the apache redirects.
> This
> >> change will also help the project URLs from SEO point of view.
> >>
> >> Please share your thoughts then we can plan the things accordingly.
> >> Thanks!
> >>
> >> --
> >> Kind Regards
> >> Ashish Vijaywargiya
> >> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
> >>
>
>
Ashish Vijaywargiya-4
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Ashish Vijaywargiya-4
Few important articles from Google's official security blog site:

https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
https://security.googleblog.com/2015/12/indexing-https-pages-by-default.html
https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html
https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

Kind Regards
Ashish Vijaywargiya
HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>



On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
[hidden email]> wrote:

> Thanks, Jacques, Please feel free to get it done and let me know if some
> help is required from my side. Thanks!
>
> --
> Kind Regards
> Ashish Vijaywargiya
> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>
>
>
> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
> [hidden email]> wrote:
>
>> We can handle it ourselves. It's puppetised. The file is
>> infrastructure-puppet\data\roles\tlpserver.yaml at
>> https://github.com/apache/infrastructure-puppet.git in origin/deployment
>> branch
>>
>> OFBiz block is
>>
>> ofbiz:
>>      vhost_name: '*'
>>      port: 80
>>      servername: 'www.ofbiz.org'
>>      docroot: '/www/ofbiz.apache.org'
>>      manage_docroot: false
>>      serveraliases:
>>        - 'ofbiz.org'
>>      serveradmin: '[hidden email]'
>>      access_log_file: '/x1/logs/weblog.log'
>>      error_log_file: '/x1/logs/errorlog.log'
>>      custom_fragment: |
>>        Redirect permanent / http://ofbiz.apache.org/
>>        UseCanonicalName On
>>        RewriteEngine On
>>        RewriteOptions inherit
>>
>>        # bigfiles.ofbiz.org
>>        RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>        RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>
>> So we should add a ssl block and redirect http block to https as
>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>
>> We can do a PR for that. Then it's better with an INFRA Jira because it's
>> then seen and prioritised by the Infra team
>>
>> Jacques
>>
>>
>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>> > +1
>> >
>> > I'm not sure any effort is needed from our side? We just need to
>> coordinate
>> > with infra right?
>> >
>> > On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>> > [hidden email]> wrote:
>> >
>> >> Hello Team,
>> >>
>> >> I think we should put some effort and make it work like if some user
>> hits
>> >> http://ofbiz.apache.org(default port http) then the user is
>> redirected to
>> >> https://ofbiz.apache.org(Secure port https)
>> >>
>> >> For now, the user sees a message "Not Secure" in the Google Chrome
>> browser
>> >> URL if the user comes to the official ofbiz website. This message can
>> >> confuse the end user and he can move away if he is the new user
>> visiting
>> >> the project website.
>> >>
>> >> This issue can be easily addressed by setting up the apache redirects.
>> This
>> >> change will also help the project URLs from SEO point of view.
>> >>
>> >> Please share your thoughts then we can plan the things accordingly.
>> >> Thanks!
>> >>
>> >> --
>> >> Kind Regards
>> >> Ashish Vijaywargiya
>> >> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>> >>
>>
>>
Deepak Dixit-4
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Deepak Dixit-4
We have .htaccess file, we can write redirect rule in this file.

Thanks & Regards
--
Deepak Dixit


On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
[hidden email]> wrote:

> Few important articles from Google's official security blog site:
>
> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
> https://security.googleblog.com/2015/12/indexing-https-
> pages-by-default.html
> https://security.googleblog.com/2017/04/next-steps-toward-
> more-connection.html
> https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
>
> Kind Regards
> Ashish Vijaywargiya
> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>
>
>
> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
> [hidden email]> wrote:
>
> > Thanks, Jacques, Please feel free to get it done and let me know if some
> > help is required from my side. Thanks!
> >
> > --
> > Kind Regards
> > Ashish Vijaywargiya
> > HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
> >
> >
> >
> > On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
> > [hidden email]> wrote:
> >
> >> We can handle it ourselves. It's puppetised. The file is
> >> infrastructure-puppet\data\roles\tlpserver.yaml at
> >> https://github.com/apache/infrastructure-puppet.git in
> origin/deployment
> >> branch
> >>
> >> OFBiz block is
> >>
> >> ofbiz:
> >>      vhost_name: '*'
> >>      port: 80
> >>      servername: 'www.ofbiz.org'
> >>      docroot: '/www/ofbiz.apache.org'
> >>      manage_docroot: false
> >>      serveraliases:
> >>        - 'ofbiz.org'
> >>      serveradmin: '[hidden email]'
> >>      access_log_file: '/x1/logs/weblog.log'
> >>      error_log_file: '/x1/logs/errorlog.log'
> >>      custom_fragment: |
> >>        Redirect permanent / http://ofbiz.apache.org/
> >>        UseCanonicalName On
> >>        RewriteEngine On
> >>        RewriteOptions inherit
> >>
> >>        # bigfiles.ofbiz.org
> >>        RewriteCond ${lowercase:%%{}{HTTP_HOST}}
> >> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
> >>        RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
> >>
> >> So we should add a ssl block and redirect http block to https as
> >> explained at https://wiki.apache.org/httpd/RedirectSSL
> >>
> >> We can do a PR for that. Then it's better with an INFRA Jira because
> it's
> >> then seen and prioritised by the Infra team
> >>
> >> Jacques
> >>
> >>
> >> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
> >> > +1
> >> >
> >> > I'm not sure any effort is needed from our side? We just need to
> >> coordinate
> >> > with infra right?
> >> >
> >> > On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
> >> > [hidden email]> wrote:
> >> >
> >> >> Hello Team,
> >> >>
> >> >> I think we should put some effort and make it work like if some user
> >> hits
> >> >> http://ofbiz.apache.org(default port http) then the user is
> >> redirected to
> >> >> https://ofbiz.apache.org(Secure port https)
> >> >>
> >> >> For now, the user sees a message "Not Secure" in the Google Chrome
> >> browser
> >> >> URL if the user comes to the official ofbiz website. This message can
> >> >> confuse the end user and he can move away if he is the new user
> >> visiting
> >> >> the project website.
> >> >>
> >> >> This issue can be easily addressed by setting up the apache
> redirects.
> >> This
> >> >> change will also help the project URLs from SEO point of view.
> >> >>
> >> >> Please share your thoughts then we can plan the things accordingly.
> >> >> Thanks!
> >> >>
> >> >> --
> >> >> Kind Regards
> >> >> Ashish Vijaywargiya
> >> >> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
> >> >>
> >>
> >>
>
Jacques Le Roux
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Jacques Le Roux
Administrator
That's quite a  good idea Deepak

Jacques


Le 01/10/2018 à 07:30, Deepak Dixit a écrit :

> We have .htaccess file, we can write redirect rule in this file.
>
> Thanks & Regards
> --
> Deepak Dixit
>
>
> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
> [hidden email]> wrote:
>
>> Few important articles from Google's official security blog site:
>>
>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>> https://security.googleblog.com/2015/12/indexing-https-
>> pages-by-default.html
>> https://security.googleblog.com/2017/04/next-steps-toward-
>> more-connection.html
>> https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
>>
>> Kind Regards
>> Ashish Vijaywargiya
>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>
>>
>>
>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>> [hidden email]> wrote:
>>
>>> Thanks, Jacques, Please feel free to get it done and let me know if some
>>> help is required from my side. Thanks!
>>>
>>> --
>>> Kind Regards
>>> Ashish Vijaywargiya
>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>
>>>
>>>
>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>> [hidden email]> wrote:
>>>
>>>> We can handle it ourselves. It's puppetised. The file is
>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>> https://github.com/apache/infrastructure-puppet.git in
>> origin/deployment
>>>> branch
>>>>
>>>> OFBiz block is
>>>>
>>>> ofbiz:
>>>>       vhost_name: '*'
>>>>       port: 80
>>>>       servername: 'www.ofbiz.org'
>>>>       docroot: '/www/ofbiz.apache.org'
>>>>       manage_docroot: false
>>>>       serveraliases:
>>>>         - 'ofbiz.org'
>>>>       serveradmin: '[hidden email]'
>>>>       access_log_file: '/x1/logs/weblog.log'
>>>>       error_log_file: '/x1/logs/errorlog.log'
>>>>       custom_fragment: |
>>>>         Redirect permanent / http://ofbiz.apache.org/
>>>>         UseCanonicalName On
>>>>         RewriteEngine On
>>>>         RewriteOptions inherit
>>>>
>>>>         # bigfiles.ofbiz.org
>>>>         RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>         RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>
>>>> So we should add a ssl block and redirect http block to https as
>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>
>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>> it's
>>>> then seen and prioritised by the Infra team
>>>>
>>>> Jacques
>>>>
>>>>
>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>> +1
>>>>>
>>>>> I'm not sure any effort is needed from our side? We just need to
>>>> coordinate
>>>>> with infra right?
>>>>>
>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>> [hidden email]> wrote:
>>>>>
>>>>>> Hello Team,
>>>>>>
>>>>>> I think we should put some effort and make it work like if some user
>>>> hits
>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>> redirected to
>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>
>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>> browser
>>>>>> URL if the user comes to the official ofbiz website. This message can
>>>>>> confuse the end user and he can move away if he is the new user
>>>> visiting
>>>>>> the project website.
>>>>>>
>>>>>> This issue can be easily addressed by setting up the apache
>> redirects.
>>>> This
>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>
>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>> Thanks!
>>>>>>
>>>>>> --
>>>>>> Kind Regards
>>>>>> Ashish Vijaywargiya
>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>
>>>>

Deepak Dixit-4
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Deepak Dixit-4
Thanks Jacques,

Following rule should work.
=============
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
=============

Please confirm if it looks good.

Thanks & Regards
--
Deepak Dixit


On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
[hidden email]> wrote:

> That's quite a  good idea Deepak
>
> Jacques
>
>
>
> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
>
>> We have .htaccess file, we can write redirect rule in this file.
>>
>> Thanks & Regards
>> --
>> Deepak Dixit
>>
>>
>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>> [hidden email]> wrote:
>>
>> Few important articles from Google's official security blog site:
>>>
>>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>>> https://security.googleblog.com/2015/12/indexing-https-
>>> pages-by-default.html
>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>> more-connection.html
>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>> -to-stay.html
>>>
>>> Kind Regards
>>> Ashish Vijaywargiya
>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>
>>>
>>>
>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>> [hidden email]> wrote:
>>>
>>> Thanks, Jacques, Please feel free to get it done and let me know if some
>>>> help is required from my side. Thanks!
>>>>
>>>> --
>>>> Kind Regards
>>>> Ashish Vijaywargiya
>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>
>>>>
>>>>
>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>> [hidden email]> wrote:
>>>>
>>>> We can handle it ourselves. It's puppetised. The file is
>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>
>>>> origin/deployment
>>>
>>>> branch
>>>>>
>>>>> OFBiz block is
>>>>>
>>>>> ofbiz:
>>>>>       vhost_name: '*'
>>>>>       port: 80
>>>>>       servername: 'www.ofbiz.org'
>>>>>       docroot: '/www/ofbiz.apache.org'
>>>>>       manage_docroot: false
>>>>>       serveraliases:
>>>>>         - 'ofbiz.org'
>>>>>       serveradmin: '[hidden email]'
>>>>>       access_log_file: '/x1/logs/weblog.log'
>>>>>       error_log_file: '/x1/logs/errorlog.log'
>>>>>       custom_fragment: |
>>>>>         Redirect permanent / http://ofbiz.apache.org/
>>>>>         UseCanonicalName On
>>>>>         RewriteEngine On
>>>>>         RewriteOptions inherit
>>>>>
>>>>>         # bigfiles.ofbiz.org
>>>>>         RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>         RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>
>>>>> So we should add a ssl block and redirect http block to https as
>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>
>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>
>>>> it's
>>>
>>>> then seen and prioritised by the Infra team
>>>>>
>>>>> Jacques
>>>>>
>>>>>
>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>>
>>>>>> +1
>>>>>>
>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>
>>>>> coordinate
>>>>>
>>>>>> with infra right?
>>>>>>
>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>> [hidden email]> wrote:
>>>>>>
>>>>>> Hello Team,
>>>>>>>
>>>>>>> I think we should put some effort and make it work like if some user
>>>>>>>
>>>>>> hits
>>>>>
>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>>
>>>>>> redirected to
>>>>>
>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>
>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>
>>>>>> browser
>>>>>
>>>>>> URL if the user comes to the official ofbiz website. This message can
>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>
>>>>>> visiting
>>>>>
>>>>>> the project website.
>>>>>>>
>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>
>>>>>> redirects.
>>>
>>>> This
>>>>>
>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>
>>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>>> Thanks!
>>>>>>>
>>>>>>> --
>>>>>>> Kind Regards
>>>>>>> Ashish Vijaywargiya
>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>
>>>>>>>
>>>>>
>
Jacques Le Roux
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Jacques Le Roux
Administrator
Thanks Deepak,

+1

Jacques

Le 01/10/2018 à 08:32, Deepak Dixit a écrit :

> Thanks Jacques,
>
> Following rule should work.
> =============
> RewriteCond %{SERVER_PORT} 80
> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
> =============
>
> Please confirm if it looks good.
>
> Thanks & Regards
> --
> Deepak Dixit
>
>
> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
> [hidden email]> wrote:
>
>> That's quite a  good idea Deepak
>>
>> Jacques
>>
>>
>>
>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
>>
>>> We have .htaccess file, we can write redirect rule in this file.
>>>
>>> Thanks & Regards
>>> --
>>> Deepak Dixit
>>>
>>>
>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>>> [hidden email]> wrote:
>>>
>>> Few important articles from Google's official security blog site:
>>>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>>>> https://security.googleblog.com/2015/12/indexing-https-
>>>> pages-by-default.html
>>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>>> more-connection.html
>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>>> -to-stay.html
>>>>
>>>> Kind Regards
>>>> Ashish Vijaywargiya
>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>
>>>>
>>>>
>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>>> [hidden email]> wrote:
>>>>
>>>> Thanks, Jacques, Please feel free to get it done and let me know if some
>>>>> help is required from my side. Thanks!
>>>>>
>>>>> --
>>>>> Kind Regards
>>>>> Ashish Vijaywargiya
>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>
>>>>>
>>>>>
>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>>> [hidden email]> wrote:
>>>>>
>>>>> We can handle it ourselves. It's puppetised. The file is
>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>>
>>>>> origin/deployment
>>>>> branch
>>>>>> OFBiz block is
>>>>>>
>>>>>> ofbiz:
>>>>>>        vhost_name: '*'
>>>>>>        port: 80
>>>>>>        servername: 'www.ofbiz.org'
>>>>>>        docroot: '/www/ofbiz.apache.org'
>>>>>>        manage_docroot: false
>>>>>>        serveraliases:
>>>>>>          - 'ofbiz.org'
>>>>>>        serveradmin: '[hidden email]'
>>>>>>        access_log_file: '/x1/logs/weblog.log'
>>>>>>        error_log_file: '/x1/logs/errorlog.log'
>>>>>>        custom_fragment: |
>>>>>>          Redirect permanent / http://ofbiz.apache.org/
>>>>>>          UseCanonicalName On
>>>>>>          RewriteEngine On
>>>>>>          RewriteOptions inherit
>>>>>>
>>>>>>          # bigfiles.ofbiz.org
>>>>>>          RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>>          RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>>
>>>>>> So we should add a ssl block and redirect http block to https as
>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>>
>>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>>
>>>>> it's
>>>>> then seen and prioritised by the Infra team
>>>>>> Jacques
>>>>>>
>>>>>>
>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>>>
>>>>>>> +1
>>>>>>>
>>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>>
>>>>>> coordinate
>>>>>>
>>>>>>> with infra right?
>>>>>>>
>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>>> [hidden email]> wrote:
>>>>>>>
>>>>>>> Hello Team,
>>>>>>>> I think we should put some effort and make it work like if some user
>>>>>>>>
>>>>>>> hits
>>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>> redirected to
>>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>>
>>>>>>> browser
>>>>>>> URL if the user comes to the official ofbiz website. This message can
>>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>>
>>>>>>> visiting
>>>>>>> the project website.
>>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>>
>>>>>>> redirects.
>>>>> This
>>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>>>> Thanks!
>>>>>>>>
>>>>>>>> --
>>>>>>>> Kind Regards
>>>>>>>> Ashish Vijaywargiya
>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>>
>>>>>>>>

Michael Brohl-3
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Michael Brohl-3
In reply to this post by Deepak Dixit-4
Hi Deepak,

I would suggest

===

RewriteCond %{HTTPS} off
RewriteRule ^\/?(.*)$ <a href="https://%">https://%{HTTP_HOST}/$1 [R=301,L]

===


1st statement just checks if https is not active, independent of the
ports used.

2nd statement does a 301 redirect telling Google that it is permanent.

Regards,

Michael


Am 01.10.18 um 08:32 schrieb Deepak Dixit:

> Thanks Jacques,
>
> Following rule should work.
> =============
> RewriteCond %{SERVER_PORT} 80
> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
> =============
>
> Please confirm if it looks good.
>
> Thanks & Regards
> --
> Deepak Dixit
>
>
> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
> [hidden email]> wrote:
>
>> That's quite a  good idea Deepak
>>
>> Jacques
>>
>>
>>
>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
>>
>>> We have .htaccess file, we can write redirect rule in this file.
>>>
>>> Thanks & Regards
>>> --
>>> Deepak Dixit
>>>
>>>
>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>>> [hidden email]> wrote:
>>>
>>> Few important articles from Google's official security blog site:
>>>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>>>> https://security.googleblog.com/2015/12/indexing-https-
>>>> pages-by-default.html
>>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>>> more-connection.html
>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>>> -to-stay.html
>>>>
>>>> Kind Regards
>>>> Ashish Vijaywargiya
>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>
>>>>
>>>>
>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>>> [hidden email]> wrote:
>>>>
>>>> Thanks, Jacques, Please feel free to get it done and let me know if some
>>>>> help is required from my side. Thanks!
>>>>>
>>>>> --
>>>>> Kind Regards
>>>>> Ashish Vijaywargiya
>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>
>>>>>
>>>>>
>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>>> [hidden email]> wrote:
>>>>>
>>>>> We can handle it ourselves. It's puppetised. The file is
>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>>
>>>>> origin/deployment
>>>>> branch
>>>>>> OFBiz block is
>>>>>>
>>>>>> ofbiz:
>>>>>>        vhost_name: '*'
>>>>>>        port: 80
>>>>>>        servername: 'www.ofbiz.org'
>>>>>>        docroot: '/www/ofbiz.apache.org'
>>>>>>        manage_docroot: false
>>>>>>        serveraliases:
>>>>>>          - 'ofbiz.org'
>>>>>>        serveradmin: '[hidden email]'
>>>>>>        access_log_file: '/x1/logs/weblog.log'
>>>>>>        error_log_file: '/x1/logs/errorlog.log'
>>>>>>        custom_fragment: |
>>>>>>          Redirect permanent / http://ofbiz.apache.org/
>>>>>>          UseCanonicalName On
>>>>>>          RewriteEngine On
>>>>>>          RewriteOptions inherit
>>>>>>
>>>>>>          # bigfiles.ofbiz.org
>>>>>>          RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>>          RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>>
>>>>>> So we should add a ssl block and redirect http block to https as
>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>>
>>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>>
>>>>> it's
>>>>> then seen and prioritised by the Infra team
>>>>>> Jacques
>>>>>>
>>>>>>
>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>>>
>>>>>>> +1
>>>>>>>
>>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>>
>>>>>> coordinate
>>>>>>
>>>>>>> with infra right?
>>>>>>>
>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>>> [hidden email]> wrote:
>>>>>>>
>>>>>>> Hello Team,
>>>>>>>> I think we should put some effort and make it work like if some user
>>>>>>>>
>>>>>>> hits
>>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>> redirected to
>>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>>
>>>>>>> browser
>>>>>>> URL if the user comes to the official ofbiz website. This message can
>>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>>
>>>>>>> visiting
>>>>>>> the project website.
>>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>>
>>>>>>> redirects.
>>>>> This
>>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>>>> Thanks!
>>>>>>>>
>>>>>>>> --
>>>>>>>> Kind Regards
>>>>>>>> Ashish Vijaywargiya
>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>>
>>>>>>>>


smime.p7s (5K) Download Attachment
Deepak Dixit-4
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Deepak Dixit-4
Thanks Michael,

I just discuss this with our sysadmin, and he suggests the same as your
solution :)

Let me commit this.


Thanks & Regards
--
Deepak Dixit


On Mon, Oct 1, 2018 at 1:45 PM, Michael Brohl <[hidden email]>
wrote:

> Hi Deepak,
>
> I would suggest
>
> ===
>
> RewriteCond %{HTTPS} off
> RewriteRule ^\/?(.*)$ <a href="https://%">https://%{HTTP_HOST}/$1 [R=301,L]
>
> ===
>
>
> 1st statement just checks if https is not active, independent of the ports
> used.
>
> 2nd statement does a 301 redirect telling Google that it is permanent.
>
> Regards,
>
> Michael
>
>
> Am 01.10.18 um 08:32 schrieb Deepak Dixit:
>
> Thanks Jacques,
>>
>> Following rule should work.
>> =============
>> RewriteCond %{SERVER_PORT} 80
>> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
>> =============
>>
>> Please confirm if it looks good.
>>
>> Thanks & Regards
>> --
>> Deepak Dixit
>>
>>
>> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
>> [hidden email]> wrote:
>>
>> That's quite a  good idea Deepak
>>>
>>> Jacques
>>>
>>>
>>>
>>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
>>>
>>> We have .htaccess file, we can write redirect rule in this file.
>>>>
>>>> Thanks & Regards
>>>> --
>>>> Deepak Dixit
>>>>
>>>>
>>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>>>> [hidden email]> wrote:
>>>>
>>>> Few important articles from Google's official security blog site:
>>>>
>>>>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>>>>> https://security.googleblog.com/2015/12/indexing-https-
>>>>> pages-by-default.html
>>>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>>>> more-connection.html
>>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>>>> -to-stay.html
>>>>>
>>>>> Kind Regards
>>>>> Ashish Vijaywargiya
>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>
>>>>>
>>>>>
>>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>>>> [hidden email]> wrote:
>>>>>
>>>>> Thanks, Jacques, Please feel free to get it done and let me know if
>>>>> some
>>>>>
>>>>>> help is required from my side. Thanks!
>>>>>>
>>>>>> --
>>>>>> Kind Regards
>>>>>> Ashish Vijaywargiya
>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>>>> [hidden email]> wrote:
>>>>>>
>>>>>> We can handle it ourselves. It's puppetised. The file is
>>>>>>
>>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>>>
>>>>>>> origin/deployment
>>>>>> branch
>>>>>>
>>>>>>> OFBiz block is
>>>>>>>
>>>>>>> ofbiz:
>>>>>>>        vhost_name: '*'
>>>>>>>        port: 80
>>>>>>>        servername: 'www.ofbiz.org'
>>>>>>>        docroot: '/www/ofbiz.apache.org'
>>>>>>>        manage_docroot: false
>>>>>>>        serveraliases:
>>>>>>>          - 'ofbiz.org'
>>>>>>>        serveradmin: '[hidden email]'
>>>>>>>        access_log_file: '/x1/logs/weblog.log'
>>>>>>>        error_log_file: '/x1/logs/errorlog.log'
>>>>>>>        custom_fragment: |
>>>>>>>          Redirect permanent / http://ofbiz.apache.org/
>>>>>>>          UseCanonicalName On
>>>>>>>          RewriteEngine On
>>>>>>>          RewriteOptions inherit
>>>>>>>
>>>>>>>          # bigfiles.ofbiz.org
>>>>>>>          RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>>>          RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>>>
>>>>>>> So we should add a ssl block and redirect http block to https as
>>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>>>
>>>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>>>
>>>>>>> it's
>>>>>> then seen and prioritised by the Infra team
>>>>>>
>>>>>>> Jacques
>>>>>>>
>>>>>>>
>>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>>>>
>>>>>>> +1
>>>>>>>>
>>>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>>>
>>>>>>>> coordinate
>>>>>>>
>>>>>>> with infra right?
>>>>>>>>
>>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>>>> [hidden email]> wrote:
>>>>>>>>
>>>>>>>> Hello Team,
>>>>>>>>
>>>>>>>>> I think we should put some effort and make it work like if some
>>>>>>>>> user
>>>>>>>>>
>>>>>>>>> hits
>>>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>>> redirected to
>>>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>>
>>>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>>>
>>>>>>>>> browser
>>>>>>>> URL if the user comes to the official ofbiz website. This message
>>>>>>>> can
>>>>>>>>
>>>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>>>
>>>>>>>>> visiting
>>>>>>>> the project website.
>>>>>>>>
>>>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>>>
>>>>>>>>> redirects.
>>>>>>>>
>>>>>>> This
>>>>>>
>>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>>
>>>>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>>>>> Thanks!
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Kind Regards
>>>>>>>>> Ashish Vijaywargiya
>>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>
>
Deepak Dixit-4
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Deepak Dixit-4
This has been done at r#1842437, and it's working fine.

Thanks & Regards
--
Deepak Dixit


On Mon, Oct 1, 2018 at 1:55 PM, Deepak Dixit <[hidden email]> wrote:

> Thanks Michael,
>
> I just discuss this with our sysadmin, and he suggests the same as your
> solution :)
>
> Let me commit this.
>
>
> Thanks & Regards
> --
> Deepak Dixit
>
>
> On Mon, Oct 1, 2018 at 1:45 PM, Michael Brohl <[hidden email]>
> wrote:
>
>> Hi Deepak,
>>
>> I would suggest
>>
>> ===
>>
>> RewriteCond %{HTTPS} off
>> RewriteRule ^\/?(.*)$ <a href="https://%">https://%{HTTP_HOST}/$1 [R=301,L]
>>
>> ===
>>
>>
>> 1st statement just checks if https is not active, independent of the
>> ports used.
>>
>> 2nd statement does a 301 redirect telling Google that it is permanent.
>>
>> Regards,
>>
>> Michael
>>
>>
>> Am 01.10.18 um 08:32 schrieb Deepak Dixit:
>>
>> Thanks Jacques,
>>>
>>> Following rule should work.
>>> =============
>>> RewriteCond %{SERVER_PORT} 80
>>> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
>>> =============
>>>
>>> Please confirm if it looks good.
>>>
>>> Thanks & Regards
>>> --
>>> Deepak Dixit
>>>
>>>
>>> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
>>> [hidden email]> wrote:
>>>
>>> That's quite a  good idea Deepak
>>>>
>>>> Jacques
>>>>
>>>>
>>>>
>>>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
>>>>
>>>> We have .htaccess file, we can write redirect rule in this file.
>>>>>
>>>>> Thanks & Regards
>>>>> --
>>>>> Deepak Dixit
>>>>>
>>>>>
>>>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>>>>> [hidden email]> wrote:
>>>>>
>>>>> Few important articles from Google's official security blog site:
>>>>>
>>>>>> https://security.googleblog.com/2014/08/https-as-ranking-sig
>>>>>> nal_6.html
>>>>>> https://security.googleblog.com/2015/12/indexing-https-
>>>>>> pages-by-default.html
>>>>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>>>>> more-connection.html
>>>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>>>>> -to-stay.html
>>>>>>
>>>>>> Kind Regards
>>>>>> Ashish Vijaywargiya
>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>>>>> [hidden email]> wrote:
>>>>>>
>>>>>> Thanks, Jacques, Please feel free to get it done and let me know if
>>>>>> some
>>>>>>
>>>>>>> help is required from my side. Thanks!
>>>>>>>
>>>>>>> --
>>>>>>> Kind Regards
>>>>>>> Ashish Vijaywargiya
>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>>>>> [hidden email]> wrote:
>>>>>>>
>>>>>>> We can handle it ourselves. It's puppetised. The file is
>>>>>>>
>>>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>>>>
>>>>>>>> origin/deployment
>>>>>>> branch
>>>>>>>
>>>>>>>> OFBiz block is
>>>>>>>>
>>>>>>>> ofbiz:
>>>>>>>>        vhost_name: '*'
>>>>>>>>        port: 80
>>>>>>>>        servername: 'www.ofbiz.org'
>>>>>>>>        docroot: '/www/ofbiz.apache.org'
>>>>>>>>        manage_docroot: false
>>>>>>>>        serveraliases:
>>>>>>>>          - 'ofbiz.org'
>>>>>>>>        serveradmin: '[hidden email]'
>>>>>>>>        access_log_file: '/x1/logs/weblog.log'
>>>>>>>>        error_log_file: '/x1/logs/errorlog.log'
>>>>>>>>        custom_fragment: |
>>>>>>>>          Redirect permanent / http://ofbiz.apache.org/
>>>>>>>>          UseCanonicalName On
>>>>>>>>          RewriteEngine On
>>>>>>>>          RewriteOptions inherit
>>>>>>>>
>>>>>>>>          # bigfiles.ofbiz.org
>>>>>>>>          RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>>>>          RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>>>>
>>>>>>>> So we should add a ssl block and redirect http block to https as
>>>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>>>>
>>>>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>>>>
>>>>>>>> it's
>>>>>>> then seen and prioritised by the Infra team
>>>>>>>
>>>>>>>> Jacques
>>>>>>>>
>>>>>>>>
>>>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>>>>>
>>>>>>>> +1
>>>>>>>>>
>>>>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>>>>
>>>>>>>>> coordinate
>>>>>>>>
>>>>>>>> with infra right?
>>>>>>>>>
>>>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>>>>> [hidden email]> wrote:
>>>>>>>>>
>>>>>>>>> Hello Team,
>>>>>>>>>
>>>>>>>>>> I think we should put some effort and make it work like if some
>>>>>>>>>> user
>>>>>>>>>>
>>>>>>>>>> hits
>>>>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>>>> redirected to
>>>>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>>>
>>>>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>>>>
>>>>>>>>>> browser
>>>>>>>>> URL if the user comes to the official ofbiz website. This message
>>>>>>>>> can
>>>>>>>>>
>>>>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>>>>
>>>>>>>>>> visiting
>>>>>>>>> the project website.
>>>>>>>>>
>>>>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>>>>
>>>>>>>>>> redirects.
>>>>>>>>>
>>>>>>>> This
>>>>>>>
>>>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>>>
>>>>>>>>>> Please share your thoughts then we can plan the things
>>>>>>>>>> accordingly.
>>>>>>>>>> Thanks!
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Kind Regards
>>>>>>>>>> Ashish Vijaywargiya
>>>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>
>>
>
Michael Brohl-3
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

Michael Brohl-3
In reply to this post by Deepak Dixit-4
Thank you, Deepak!

Regards,

Michael


Am 01.10.18 um 10:25 schrieb Deepak Dixit:

> Thanks Michael,
>
> I just discuss this with our sysadmin, and he suggests the same as your
> solution :)
>
> Let me commit this.
>
>
> Thanks & Regards
> --
> Deepak Dixit
>
>
> On Mon, Oct 1, 2018 at 1:45 PM, Michael Brohl <[hidden email]>
> wrote:
>
>> Hi Deepak,
>>
>> I would suggest
>>
>> ===
>>
>> RewriteCond %{HTTPS} off
>> RewriteRule ^\/?(.*)$ <a href="https://%">https://%{HTTP_HOST}/$1 [R=301,L]
>>
>> ===
>>
>>
>> 1st statement just checks if https is not active, independent of the ports
>> used.
>>
>> 2nd statement does a 301 redirect telling Google that it is permanent.
>>
>> Regards,
>>
>> Michael
>>
>>
>> Am 01.10.18 um 08:32 schrieb Deepak Dixit:
>>
>> Thanks Jacques,
>>> Following rule should work.
>>> =============
>>> RewriteCond %{SERVER_PORT} 80
>>> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
>>> =============
>>>
>>> Please confirm if it looks good.
>>>
>>> Thanks & Regards
>>> --
>>> Deepak Dixit
>>>
>>>
>>> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
>>> [hidden email]> wrote:
>>>
>>> That's quite a  good idea Deepak
>>>> Jacques
>>>>
>>>>
>>>>
>>>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
>>>>
>>>> We have .htaccess file, we can write redirect rule in this file.
>>>>> Thanks & Regards
>>>>> --
>>>>> Deepak Dixit
>>>>>
>>>>>
>>>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>>>>> [hidden email]> wrote:
>>>>>
>>>>> Few important articles from Google's official security blog site:
>>>>>
>>>>>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>>>>>> https://security.googleblog.com/2015/12/indexing-https-
>>>>>> pages-by-default.html
>>>>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>>>>> more-connection.html
>>>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>>>>> -to-stay.html
>>>>>>
>>>>>> Kind Regards
>>>>>> Ashish Vijaywargiya
>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>>>>> [hidden email]> wrote:
>>>>>>
>>>>>> Thanks, Jacques, Please feel free to get it done and let me know if
>>>>>> some
>>>>>>
>>>>>>> help is required from my side. Thanks!
>>>>>>>
>>>>>>> --
>>>>>>> Kind Regards
>>>>>>> Ashish Vijaywargiya
>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>>>>> [hidden email]> wrote:
>>>>>>>
>>>>>>> We can handle it ourselves. It's puppetised. The file is
>>>>>>>
>>>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>>>>
>>>>>>>> origin/deployment
>>>>>>> branch
>>>>>>>
>>>>>>>> OFBiz block is
>>>>>>>>
>>>>>>>> ofbiz:
>>>>>>>>         vhost_name: '*'
>>>>>>>>         port: 80
>>>>>>>>         servername: 'www.ofbiz.org'
>>>>>>>>         docroot: '/www/ofbiz.apache.org'
>>>>>>>>         manage_docroot: false
>>>>>>>>         serveraliases:
>>>>>>>>           - 'ofbiz.org'
>>>>>>>>         serveradmin: '[hidden email]'
>>>>>>>>         access_log_file: '/x1/logs/weblog.log'
>>>>>>>>         error_log_file: '/x1/logs/errorlog.log'
>>>>>>>>         custom_fragment: |
>>>>>>>>           Redirect permanent / http://ofbiz.apache.org/
>>>>>>>>           UseCanonicalName On
>>>>>>>>           RewriteEngine On
>>>>>>>>           RewriteOptions inherit
>>>>>>>>
>>>>>>>>           # bigfiles.ofbiz.org
>>>>>>>>           RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>>>>           RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>>>>
>>>>>>>> So we should add a ssl block and redirect http block to https as
>>>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>>>>
>>>>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>>>>
>>>>>>>> it's
>>>>>>> then seen and prioritised by the Infra team
>>>>>>>
>>>>>>>> Jacques
>>>>>>>>
>>>>>>>>
>>>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>>>>>
>>>>>>>> +1
>>>>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>>>>
>>>>>>>>> coordinate
>>>>>>>> with infra right?
>>>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>>>>> [hidden email]> wrote:
>>>>>>>>>
>>>>>>>>> Hello Team,
>>>>>>>>>
>>>>>>>>>> I think we should put some effort and make it work like if some
>>>>>>>>>> user
>>>>>>>>>>
>>>>>>>>>> hits
>>>>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>>>> redirected to
>>>>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>>>
>>>>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>>>>
>>>>>>>>>> browser
>>>>>>>>> URL if the user comes to the official ofbiz website. This message
>>>>>>>>> can
>>>>>>>>>
>>>>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>>>>
>>>>>>>>>> visiting
>>>>>>>>> the project website.
>>>>>>>>>
>>>>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>>>>
>>>>>>>>>> redirects.
>>>>>>>> This
>>>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>>>>>> Thanks!
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Kind Regards
>>>>>>>>>> Ashish Vijaywargiya
>>>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>


smime.p7s (5K) Download Attachment
deepak nigam-2
Reply | Threaded
Open this post in threaded view
|

Re: "Not Secure" in the Google Chrome browser

deepak nigam-2
Hi All,

Verified 'https://ofbiz.apache.org', it is working fine.

Thanks & Regards
--
Deepak Nigam
HotWax System Pvt. Ltd



On Mon, Oct 1, 2018 at 2:35 PM Michael Brohl <[hidden email]>
wrote:

> Thank you, Deepak!
>
> Regards,
>
> Michael
>
>
> Am 01.10.18 um 10:25 schrieb Deepak Dixit:
> > Thanks Michael,
> >
> > I just discuss this with our sysadmin, and he suggests the same as your
> > solution :)
> >
> > Let me commit this.
> >
> >
> > Thanks & Regards
> > --
> > Deepak Dixit
> >
> >
> > On Mon, Oct 1, 2018 at 1:45 PM, Michael Brohl <[hidden email]>
> > wrote:
> >
> >> Hi Deepak,
> >>
> >> I would suggest
> >>
> >> ===
> >>
> >> RewriteCond %{HTTPS} off
> >> RewriteRule ^\/?(.*)$ <a href="https://%">https://%{HTTP_HOST}/$1 [R=301,L]
> >>
> >> ===
> >>
> >>
> >> 1st statement just checks if https is not active, independent of the
> ports
> >> used.
> >>
> >> 2nd statement does a 301 redirect telling Google that it is permanent.
> >>
> >> Regards,
> >>
> >> Michael
> >>
> >>
> >> Am 01.10.18 um 08:32 schrieb Deepak Dixit:
> >>
> >> Thanks Jacques,
> >>> Following rule should work.
> >>> =============
> >>> RewriteCond %{SERVER_PORT} 80
> >>> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
> >>> =============
> >>>
> >>> Please confirm if it looks good.
> >>>
> >>> Thanks & Regards
> >>> --
> >>> Deepak Dixit
> >>>
> >>>
> >>> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
> >>> [hidden email]> wrote:
> >>>
> >>> That's quite a  good idea Deepak
> >>>> Jacques
> >>>>
> >>>>
> >>>>
> >>>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
> >>>>
> >>>> We have .htaccess file, we can write redirect rule in this file.
> >>>>> Thanks & Regards
> >>>>> --
> >>>>> Deepak Dixit
> >>>>>
> >>>>>
> >>>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
> >>>>> [hidden email]> wrote:
> >>>>>
> >>>>> Few important articles from Google's official security blog site:
> >>>>>
> >>>>>>
> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
> >>>>>> https://security.googleblog.com/2015/12/indexing-https-
> >>>>>> pages-by-default.html
> >>>>>> https://security.googleblog.com/2017/04/next-steps-toward-
> >>>>>> more-connection.html
> >>>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
> >>>>>> -to-stay.html
> >>>>>>
> >>>>>> Kind Regards
> >>>>>> Ashish Vijaywargiya
> >>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
> >>>>>> [hidden email]> wrote:
> >>>>>>
> >>>>>> Thanks, Jacques, Please feel free to get it done and let me know if
> >>>>>> some
> >>>>>>
> >>>>>>> help is required from my side. Thanks!
> >>>>>>>
> >>>>>>> --
> >>>>>>> Kind Regards
> >>>>>>> Ashish Vijaywargiya
> >>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
> >>>>>>> [hidden email]> wrote:
> >>>>>>>
> >>>>>>> We can handle it ourselves. It's puppetised. The file is
> >>>>>>>
> >>>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
> >>>>>>>> https://github.com/apache/infrastructure-puppet.git in
> >>>>>>>>
> >>>>>>>> origin/deployment
> >>>>>>> branch
> >>>>>>>
> >>>>>>>> OFBiz block is
> >>>>>>>>
> >>>>>>>> ofbiz:
> >>>>>>>>         vhost_name: '*'
> >>>>>>>>         port: 80
> >>>>>>>>         servername: 'www.ofbiz.org'
> >>>>>>>>         docroot: '/www/ofbiz.apache.org'
> >>>>>>>>         manage_docroot: false
> >>>>>>>>         serveraliases:
> >>>>>>>>           - 'ofbiz.org'
> >>>>>>>>         serveradmin: '[hidden email]'
> >>>>>>>>         access_log_file: '/x1/logs/weblog.log'
> >>>>>>>>         error_log_file: '/x1/logs/errorlog.log'
> >>>>>>>>         custom_fragment: |
> >>>>>>>>           Redirect permanent / http://ofbiz.apache.org/
> >>>>>>>>           UseCanonicalName On
> >>>>>>>>           RewriteEngine On
> >>>>>>>>           RewriteOptions inherit
> >>>>>>>>
> >>>>>>>>           # bigfiles.ofbiz.org
> >>>>>>>>           RewriteCond ${lowercase:%%{}{HTTP_HOST}}
> >>>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
> >>>>>>>>           RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
> >>>>>>>>
> >>>>>>>> So we should add a ssl block and redirect http block to https as
> >>>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
> >>>>>>>>
> >>>>>>>> We can do a PR for that. Then it's better with an INFRA Jira
> because
> >>>>>>>>
> >>>>>>>> it's
> >>>>>>> then seen and prioritised by the Infra team
> >>>>>>>
> >>>>>>>> Jacques
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
> >>>>>>>>
> >>>>>>>> +1
> >>>>>>>>> I'm not sure any effort is needed from our side? We just need to
> >>>>>>>>>
> >>>>>>>>> coordinate
> >>>>>>>> with infra right?
> >>>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
> >>>>>>>>> [hidden email]> wrote:
> >>>>>>>>>
> >>>>>>>>> Hello Team,
> >>>>>>>>>
> >>>>>>>>>> I think we should put some effort and make it work like if some
> >>>>>>>>>> user
> >>>>>>>>>>
> >>>>>>>>>> hits
> >>>>>>>>> http://ofbiz.apache.org(default port http) then the user is
> >>>>>>>>> redirected to
> >>>>>>>>> https://ofbiz.apache.org(Secure port https)
> >>>>>>>>>
> >>>>>>>>>> For now, the user sees a message "Not Secure" in the Google
> Chrome
> >>>>>>>>>>
> >>>>>>>>>> browser
> >>>>>>>>> URL if the user comes to the official ofbiz website. This message
> >>>>>>>>> can
> >>>>>>>>>
> >>>>>>>>>> confuse the end user and he can move away if he is the new user
> >>>>>>>>>>
> >>>>>>>>>> visiting
> >>>>>>>>> the project website.
> >>>>>>>>>
> >>>>>>>>>> This issue can be easily addressed by setting up the apache
> >>>>>>>>>>
> >>>>>>>>>> redirects.
> >>>>>>>> This
> >>>>>>>> change will also help the project URLs from SEO point of view.
> >>>>>>>>>> Please share your thoughts then we can plan the things
> accordingly.
> >>>>>>>>>> Thanks!
> >>>>>>>>>>
> >>>>>>>>>> --
> >>>>>>>>>> Kind Regards
> >>>>>>>>>> Ashish Vijaywargiya
> >>>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>
>
>
>
Free forum by Nabble Edit this page