Résolu https et administration inaccessible.

Plus d'informations
01 Mai 2016 06:10 - 01 Mai 2016 06:13 #1 par Eclipse
https et administration inaccessible. a été créé par Eclipse
https et administration inaccessible.
Je viens d'activer le HTTPS.
redirection permanente http vers https depuis mon manager d'hébergement ( je ne l'ai pas fais, je perd l'acces au back end. )
et une autre redirection, je lis que je dois etre sur de ce que je fais, car, elle doit durer 6 mois et plus.
##################
MES ESSAIS sur le site en ligne
Depuis Joomla! administrator
Activer SSL sur tout le site.
BAAAAAM Je peux plus me loguer en Administrateur.
Sur le site, apparemment peut être que oui mais les CSS ont disparues.
Depuis configuration.php
public $live_site = 'www.domaine.eu'; // devrait passer https..... ? :p au final ne met RIEN suite à une lecture qui parlait de boucle.
public $force_ssl = '0'; ( 1 admin ou 2 admin et site ) Actuellement à 0 il me semble.
// cela ne change rien, en https je n'arrive pas à me loguer en administrator
Pour htaccess ( mais j'utilise aesecure ) -> BAAAAM ERREUR 500 si j'active le rewrite.
#Uncomment if want to force HTTPS and if your server can handle it
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
######################################
La connexion ne fonctionne pas pour le login quand je suis en https ( sous certaines conditions ) notamment dans l'admin.
( Peut etre probleme de HASH alors !!! ? )
Cela n'explique pas les problèmes de CSS qui est permanent.
Mais, cela explique peut être mon impossibilité de me loguer à l'admin ? Ma mod de connexion est BT LOGIN.
Je trouve :
Using SSL Redirect in Joomla! ( Plugin )
Source du plugin :
extensions.joomla.org/extensions/extensi...ireo-ssl-redirection
www.yireo.com/tutorials/joomla/joomla-ex...l-redirect-in-joomla
www.yireo.com/software/joomla-extensions/ssl-redirect/downloads

The Joomla! plugin SSLRedirect allows you to implement SSL the way it should be: Normally in Joomla!, a page can be called via both HTTP and HTTPS. There is no real guarantee whether a SSL-page is really served through SSL. This is where the SSLRedirect plugin steps in: It guarantees that a specific page is accessed only through SSL (or not). This whitepaper explains how to use the plugin and how to troubleshoot it when things go wrong.

Install the ZIP file from within the Joomla! Administrator as a regular extension.
Next go to the Plugin Manager to enable this system-plugin. It is listed as System - SSL Redirect.[/quote]
J'ai installé ce plugin et activé tout ce qu'il me trouve, pour mettre en https.
Il me permet de désactiver le https du backend ( SAUF SI UNE REDIRECTION FORCE LE HTTPS. )
Je désactive le https du backend, depuis la configuration du plugin. Sinon, je n'arrive pas à me loguer au backend.
Mes CSS en front end ne sont toujours pas affichées comme je le veux.
( Manque toujours la police (et peut être d'autres styles), manque aussi un iframe de tagul.com )
La documentation de ce plugin. Je sèche avec SSL. Pleure. Vais contacter mon hébergeur.
Si vous avez des idées ...
1 - Pour me permettre de passer l'admin en https ???
2- Pour me permettre de récupérer TOUT mes styles css, police, + le script de nuage de tagul.com


Quelque chose est masqué pour les invités. Veuillez vous connecter ou vous enregistrer pour le visualiser.

General usage
Before using this plugin, make sure that your site is able to use SSL. Change the URL in your browser from http:// to https:// and test the result. If this does not work, you need to contact your hosting provider.
The plugin parameters allow you to select Menu-Items for which SSL should work, or components to which SSL should be applied. The plugin automatically applies non-SSL to all other pages. If your Joomla! page is not accessible through a Menu-Item (in other words: there is no Itemid) and the component-parameter is too general, you can still use the textarea Custom pages to add URLs manually. Also included is the option to use SSL for logged-in users.
Webservers with Suhosin might cause problems due to the setting suhosin.session.encrypt set to Yes. This setting prevents sessions from being switched between HTTPS and HTTP.
Troubleshooting: SSL is actually not available
If you have choosen to enable SSL everywhere on your site, but actually SSL is not even available on your hosting environment, we advise you to get help from a professional or to restore simply from a backup. Managing SSL is something that should only be picked up by those that actually understand its consequences. To remove our SSLRedirect plugin, simply remove the files from the folder plugins/system.
If you have enabled SSL for the backend by modifying the Joomla! Global Configuration, you should be able to restore the configuration.php file from a recent backup. If you have no backup, again our advise is to get professional help because a crashed site without a valid backup shows many other problems ahead. Note that a modification of the Joomla! Global Configuration has absolutely nothing to do with our SSLRedirect extension, and we are unable to provide free support for this. If you want our help, send an email to info@yireo.com so we can send you a quote. Alternatively, you can just modify the configuration.php and modify the $force_ssl setting from 1 (or 2) to 0.
If this does not work, and you need to remove the plugin from the database, open up your Joomla! database using phpMyAdmin or whatever tool your hosting provider is giving you (if uncertain, ask your hosting provider) and remove the entries from the #__extensions database table (where #__ should be replaced with your own database table prefix). If you want our help, send an email to info@yireo.com so we can send you a quote.
Troubleshooting: SSL mixed content
When a padlock appears in your browsers addressbar (red or green) it shows that SSL is being used, and most likely that this SSL Redirection plugin is working properly. However, when the padlock is red, the browser objects because - while the page itself is loaded over SSL - some of its page-resources (CSS, JavaScript, images) are not. To get a green padlock, you will need to make sure all page-resources are loaded over HTTPS.
When building Joomla! extensions or Joomla! templates, the code should be flexible enough to switch easily between SSL and non-SSL. In its most simple form, the Joomla! Framework code needs to be used to generate links, and hard-coded links (like http:// and https://) should be prevented. If you're not a developer yourself, it's best to ask the original developer to fix this for you.
You can use the Firefox Web Developer Toolbar, Firebug or the Chrome Developer Tools to determine which page-resources are loaded from where. Alternatively, you can just open up the Page Info under Firefox and inspect all resources using the Media-tab. If that's your thing, you can also study the HTML-code. Note that AJAX links might also cause issues.
Troubleshooting: Compatibility with MobileJoomla
Reports have come in that MobileJoomla works only together with SSLRedirect when the Joomla! Menu-Items are configured with the option Secure set to On. (Check the Menu-Item parameter-tab Metadata Options. Selecting SSL based on other logic (components, PHP-code or custom pages) might not work at all for mobile clients.
Note that the default mobile-templates that MobileJoomla offers are making heavy usage of AJAX: Instead of loading the page through a regular GET-request, an AJAX call is made instead - replacing the current content and modifying the address-bar. Because of this, the protocol (HTTP or HTTPS) might be ignored alltogether for mobile clients.
Troubleshooting tips
When using SSLRedirect, you'll want to make sure no other mechanism is redirecting to SSL or back. To make no such mechanism exists, disable our plugin and disable SSL in the Global Configuration. You should be able to visit the non-HTTPS pages, but simply by replacing http with https in the URL you should be able to visit the HTTPS pages as well. If you're redirected back to non-HTTPS again, there's a mechanism in place that also redirects SSL, which will conflict with our SSLRedirect plugin.
Make sure to check your Apache htaccess file. If it contains any rules based on the protocol SSL or the port (80 or 443), remove that rule. Make sure to check your configuration.php file to see if the $live_site variable is empty - if it contains a value, remove that value and save the file.

Dernière édition: 01 Mai 2016 06:13 par Eclipse.

Connectez-vous ou Créer un compte pour participer à la conversation.

Plus d'informations
02 Mai 2016 18:17 #2 par lavsteph

Connectez-vous ou Créer un compte pour participer à la conversation.

Plus d'informations
21 Mai 2016 06:29 - 21 Mai 2016 06:30 #3 par Eclipse
Réponse de Eclipse sur le sujet https et administration inaccessible.
Oui merci, ça semble résolu,
Activation https chez l'hébergeur,
Résolution du contenu Mix.
JE N'AI PAS activé SSL depuis le panneau de configuration, ni, des menus de connexion , MAIS, j'utilise un plugin de redirection SSL, ça semble fonctionner.
Suite à la mise à jour de ce plugin, l'administration fonctionne aussi en https.
J'ai donc pu mettre en place une redirection permanente en https, avec htaccess.
Par contre, j'ai un appel vers mon DOMAIN.EXT/index.php je veux encore me débarasser du index.php
Enfin, je n'arrive décidément pas à appliquer mon htpasswd sur l'administration, j'ai lancé une requete à l'hébergeur.
Je tombe en erreur 500.
Dernière édition: 21 Mai 2016 06:30 par Eclipse.

Connectez-vous ou Créer un compte pour participer à la conversation.

  • Vous ne pouvez pas: Créer un nouveau sujet.
  • Vous ne pouvez pas: Répondre au sujet.
  • Vous ne pouvez pas: Éditer votre message.
Modérateurs: lavstephxillibittramber91Scottuxsergestarter
Temps de génération de la page : 0.154 secondes