ofbiz-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacques Le Roux <jacques.le.r...@les7arts.com>
Subject Re: "Not Secure" in the Google Chrome browser
Date Mon, 01 Oct 2018 06:15:11 GMT
That's quite a  good idea Deepak

Jacques


Le 01/10/2018 à 07:30, Deepak Dixit a écrit :
> We have .htaccess file, we can write redirect rule in this file.
>
> Thanks & Regards
> --
> Deepak Dixit
>
>
> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
> ashish.vijaywargiya@hotwaxsystems.com> wrote:
>
>> Few important articles from Google's official security blog site:
>>
>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>> https://security.googleblog.com/2015/12/indexing-https-
>> pages-by-default.html
>> https://security.googleblog.com/2017/04/next-steps-toward-
>> more-connection.html
>> https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
>>
>> Kind Regards
>> Ashish Vijaywargiya
>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>
>>
>>
>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>> ashish.vijaywargiya@hotwaxsystems.com> wrote:
>>
>>> Thanks, Jacques, Please feel free to get it done and let me know if some
>>> help is required from my side. Thanks!
>>>
>>> --
>>> Kind Regards
>>> Ashish Vijaywargiya
>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>
>>>
>>>
>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>> jacques.le.roux@les7arts.com> wrote:
>>>
>>>> We can handle it ourselves. It's puppetised. The file is
>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>> https://github.com/apache/infrastructure-puppet.git in
>> origin/deployment
>>>> branch
>>>>
>>>> OFBiz block is
>>>>
>>>> ofbiz:
>>>>       vhost_name: '*'
>>>>       port: 80
>>>>       servername: 'www.ofbiz.org'
>>>>       docroot: '/www/ofbiz.apache.org'
>>>>       manage_docroot: false
>>>>       serveraliases:
>>>>         - 'ofbiz.org'
>>>>       serveradmin: 'users@infra.apache.org'
>>>>       access_log_file: '/x1/logs/weblog.log'
>>>>       error_log_file: '/x1/logs/errorlog.log'
>>>>       custom_fragment: |
>>>>         Redirect permanent / http://ofbiz.apache.org/
>>>>         UseCanonicalName On
>>>>         RewriteEngine On
>>>>         RewriteOptions inherit
>>>>
>>>>         # bigfiles.ofbiz.org
>>>>         RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>         RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>
>>>> So we should add a ssl block and redirect http block to https as
>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>
>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>> it's
>>>> then seen and prioritised by the Infra team
>>>>
>>>> Jacques
>>>>
>>>>
>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit :
>>>>> +1
>>>>>
>>>>> I'm not sure any effort is needed from our side? We just need to
>>>> coordinate
>>>>> with infra right?
>>>>>
>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>> ashish.vijaywargiya@hotwaxsystems.com> wrote:
>>>>>
>>>>>> Hello Team,
>>>>>>
>>>>>> I think we should put some effort and make it work like if some user
>>>> hits
>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>> redirected to
>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>
>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>> browser
>>>>>> URL if the user comes to the official ofbiz website. This message
can
>>>>>> confuse the end user and he can move away if he is the new user
>>>> visiting
>>>>>> the project website.
>>>>>>
>>>>>> This issue can be easily addressed by setting up the apache
>> redirects.
>>>> This
>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>
>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>> Thanks!
>>>>>>
>>>>>> --
>>>>>> Kind Regards
>>>>>> Ashish Vijaywargiya
>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>
>>>>


Mime
View raw message