From dev-return-111675-archive-asf-public=cust-asf.ponee.io@ofbiz.apache.org  Mon Oct  1 08:33:13 2018
Return-Path: <dev-return-111675-archive-asf-public=cust-asf.ponee.io@ofbiz.apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by mx-eu-01.ponee.io (Postfix) with SMTP id 58B6D180660
	for <archive-asf-public@cust-asf.ponee.io>; Mon,  1 Oct 2018 08:33:12 +0200 (CEST)
Received: (qmail 96213 invoked by uid 500); 1 Oct 2018 06:33:10 -0000
Mailing-List: contact dev-help@ofbiz.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@ofbiz.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@ofbiz.apache.org>
List-Post: <mailto:dev@ofbiz.apache.org>
List-Id: <dev.ofbiz.apache.org>
Reply-To: dev@ofbiz.apache.org
Delivered-To: mailing list dev@ofbiz.apache.org
Received: (qmail 96194 invoked by uid 99); 1 Oct 2018 06:33:09 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Oct 2018 06:33:09 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 5D0651A03AE
	for <dev@ofbiz.apache.org>; Mon,  1 Oct 2018 06:33:09 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.989
X-Spam-Level: *
X-Spam-Status: No, score=1.989 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001,
	T_DKIMWL_WL_MED=-0.01] autolearn=disabled
Authentication-Results: spamd2-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=hotwax-co.20150623.gappssmtp.com
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id ll16D_-btTZ2 for <dev@ofbiz.apache.org>;
	Mon,  1 Oct 2018 06:33:07 +0000 (UTC)
Received: from mail-it1-f170.google.com (mail-it1-f170.google.com [209.85.166.170])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 7C4D65F181
	for <dev@ofbiz.apache.org>; Mon,  1 Oct 2018 06:33:06 +0000 (UTC)
Received: by mail-it1-f170.google.com with SMTP id i76-v6so4338130ita.3
        for <dev@ofbiz.apache.org>; Sun, 30 Sep 2018 23:33:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=hotwax-co.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
        bh=LsAV3P015R6gjCwcJrowKe/x9Lf6i6B9AKRN8JpLKJ4=;
        b=Mr15gx8ofdYLNO+1JbjS9VAvvjgFfiy0HyAdu1UUShGb6djHkGs7aIQ/HcnBK7xe3D
         8+s1FHt4szqiGRU5aW3/IfwKDieL8zZYbHNu2rRgUICvWhiUx0dDu6XKQd0owjD7uIof
         MBpJKigLgAL+qH/G+nAlBvh9UCtsu04QVJBdwltZY8seqgLmBs+LAht/Wc0lQIEBTZnW
         Uv+VGD3JVrler1PWsvSEExxp3l4PQALgSeTw5Qm1kPbg9/dFBjp9VubjbSGRiqB07bvz
         fU52iXz3MdIeIYDnpJ2QjS72ZmchyPsF4QKF1NjmS4uu0ZqOM+6asZk1MASJe0mlVTxv
         mLRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to;
        bh=LsAV3P015R6gjCwcJrowKe/x9Lf6i6B9AKRN8JpLKJ4=;
        b=lnu9+6Vorwq4pYWJqW8K2t01TlVbK0v47rlyGRPS1ctPRPxAww5vEJPSGOdG+qDxTC
         OqzmT4Ji7Nwu+N8qmzArZhZoQhOPmbvnfyd/jnNkT09z7K5M4jaktyq0yZrif7NU0sKj
         EajgNAqJZ3TJyo3ItMC3l+UMxLO42h/lu08SXaKV7LCyIMnD2BqbvXbPuc4b0FmWmqVl
         Ai7FtW2pjw52tx/B8pC+TYDkiMqYvX3OeuFTn+IiLLoB1BY79WQ/qVfYEy3Uu7wiqsua
         T2jZTlJYGHFXfas7IbHlzNNnX8sPbaqYo4nUUMLWVjys+jatqhgPC4P8/sUaNjFpBbda
         nQKA==
X-Gm-Message-State: ABuFfog/ihzAEYhFoDxFG29gdFmAyNKoAFk6WvGLKTpOJ5l6uOt/m8Nv
	SKXaK3bFxckz0WKydVYm8TXYyYODu0l2+8TFibKK3TuXGQM=
X-Google-Smtp-Source: ACcGV60TU/BPFeTqNUVt/a9JYknTGL5dqZXnIBOelPtouwSmxzkjaOrWnDzcqFJHH6bPAUFRuXvWIEbyO6RiwRbU/tE=
X-Received: by 2002:a24:dd49:: with SMTP id t70-v6mr8971342itf.109.1538375578797;
 Sun, 30 Sep 2018 23:32:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:4887:0:0:0:0:0 with HTTP; Sun, 30 Sep 2018 23:32:38
 -0700 (PDT)
In-Reply-To: <b05fa3f3-a7ab-8353-4109-be347647c645@les7arts.com>
References: <CAOGi9LZGYpnU6YW+kVFD9aybEBsz9H8-i151uAXYzJJK0SWe1Q@mail.gmail.com>
 <CAFqjAi0XqvS1nxCE5UGBeBNOmyCnCPAAabAiyLswnrpOFW12oA@mail.gmail.com>
 <8a38e6b2-9115-3e50-3d54-f43b58b65a90@les7arts.com> <CAOGi9LYWjNdM291BhS6_AzNWvtua7JxpodS1_HUGoMWPCB7fqA@mail.gmail.com>
 <CAOGi9LZv5DJTbgFwFBj4iVrXiSxMEDdFUPL_uKtUQuM0JQwWAA@mail.gmail.com>
 <CAGgvqGn5QT+yJKhoVK-hU0M_7CC82Rak2BT9DceoTYJQF2_STQ@mail.gmail.com> <b05fa3f3-a7ab-8353-4109-be347647c645@les7arts.com>
From: Deepak Dixit <deepak.dixit@hotwax.co>
Date: Mon, 1 Oct 2018 12:02:38 +0530
Message-ID: <CAGgvqG=pLZirbLgYqh+oWJvUQcrh_bNLLW1Juhp1M2Yj6naSvQ@mail.gmail.com>
Subject: Re: "Not Secure" in the Google Chrome browser
To: Dev list <dev@ofbiz.apache.org>
Content-Type: multipart/alternative; boundary="000000000000e7e323057724f97f"

--000000000000e7e323057724f97f
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Thanks Jacques,

Following rule should work.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L]
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

Please confirm if it looks good.

Thanks & Regards
--
Deepak Dixit


On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux <
jacques.le.roux@les7arts.com> wrote:

> That's quite a  good idea Deepak
>
> Jacques
>
>
>
> Le 01/10/2018 =C3=A0 07:30, Deepak Dixit a =C3=A9crit :
>
>> We have .htaccess file, we can write redirect rule in this file.
>>
>> Thanks & Regards
>> --
>> Deepak Dixit
>>
>>
>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya <
>> ashish.vijaywargiya@hotwaxsystems.com> wrote:
>>
>> Few important articles from Google's official security blog site:
>>>
>>> https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html
>>> https://security.googleblog.com/2015/12/indexing-https-
>>> pages-by-default.html
>>> https://security.googleblog.com/2017/04/next-steps-toward-
>>> more-connection.html
>>> https://security.googleblog.com/2018/02/a-secure-web-is-here
>>> -to-stay.html
>>>
>>> Kind Regards
>>> Ashish Vijaywargiya
>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>
>>>
>>>
>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya <
>>> ashish.vijaywargiya@hotwaxsystems.com> wrote:
>>>
>>> Thanks, Jacques, Please feel free to get it done and let me know if som=
e
>>>> help is required from my side. Thanks!
>>>>
>>>> --
>>>> Kind Regards
>>>> Ashish Vijaywargiya
>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>
>>>>
>>>>
>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux <
>>>> jacques.le.roux@les7arts.com> wrote:
>>>>
>>>> We can handle it ourselves. It's puppetised. The file is
>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at
>>>>> https://github.com/apache/infrastructure-puppet.git in
>>>>>
>>>> origin/deployment
>>>
>>>> branch
>>>>>
>>>>> OFBiz block is
>>>>>
>>>>> ofbiz:
>>>>>       vhost_name: '*'
>>>>>       port: 80
>>>>>       servername: 'www.ofbiz.org'
>>>>>       docroot: '/www/ofbiz.apache.org'
>>>>>       manage_docroot: false
>>>>>       serveraliases:
>>>>>         - 'ofbiz.org'
>>>>>       serveradmin: 'users@infra.apache.org'
>>>>>       access_log_file: '/x1/logs/weblog.log'
>>>>>       error_log_file: '/x1/logs/errorlog.log'
>>>>>       custom_fragment: |
>>>>>         Redirect permanent / http://ofbiz.apache.org/
>>>>>         UseCanonicalName On
>>>>>         RewriteEngine On
>>>>>         RewriteOptions inherit
>>>>>
>>>>>         # bigfiles.ofbiz.org
>>>>>         RewriteCond ${lowercase:%%{}{HTTP_HOST}}
>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$
>>>>>         RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L]
>>>>>
>>>>> So we should add a ssl block and redirect http block to https as
>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL
>>>>>
>>>>> We can do a PR for that. Then it's better with an INFRA Jira because
>>>>>
>>>> it's
>>>
>>>> then seen and prioritised by the Infra team
>>>>>
>>>>> Jacques
>>>>>
>>>>>
>>>>> Le 30/09/2018 =C3=A0 08:03, Taher Alkhateeb a =C3=A9crit :
>>>>>
>>>>>> +1
>>>>>>
>>>>>> I'm not sure any effort is needed from our side? We just need to
>>>>>>
>>>>> coordinate
>>>>>
>>>>>> with infra right?
>>>>>>
>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya <
>>>>>> ashish.vijaywargiya@hotwaxsystems.com> wrote:
>>>>>>
>>>>>> Hello Team,
>>>>>>>
>>>>>>> I think we should put some effort and make it work like if some use=
r
>>>>>>>
>>>>>> hits
>>>>>
>>>>>> http://ofbiz.apache.org(default port http) then the user is
>>>>>>>
>>>>>> redirected to
>>>>>
>>>>>> https://ofbiz.apache.org(Secure port https)
>>>>>>>
>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome
>>>>>>>
>>>>>> browser
>>>>>
>>>>>> URL if the user comes to the official ofbiz website. This message ca=
n
>>>>>>> confuse the end user and he can move away if he is the new user
>>>>>>>
>>>>>> visiting
>>>>>
>>>>>> the project website.
>>>>>>>
>>>>>>> This issue can be easily addressed by setting up the apache
>>>>>>>
>>>>>> redirects.
>>>
>>>> This
>>>>>
>>>>>> change will also help the project URLs from SEO point of view.
>>>>>>>
>>>>>>> Please share your thoughts then we can plan the things accordingly.
>>>>>>> Thanks!
>>>>>>>
>>>>>>> --
>>>>>>> Kind Regards
>>>>>>> Ashish Vijaywargiya
>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/>
>>>>>>>
>>>>>>>
>>>>>
>

--000000000000e7e323057724f97f--