Tag: SSL

Certificates, Web, Wordpress

Redirect All HTTP to HTTPS in WordPress with .htaccess

Jared Meredith

I recently had a request from a client to transfer all web traffic on some WordPress site (www or no www) to all be forced over HTTPS. And with all of the up and coming security issues that stem from HTTP-only traffic it is a must. Why you ask? Well, unless you are explicitly doing this already users may able to browse and intercept traffic from your site with no encryption. If you have a SSL certificate but have not done this to your WordPress site then please do so!

Edit your .htaccess file and append this somewhere at the bottom (and change your website URL to the URL that is associated with the SSL certificate):

RewriteCond %{HTTPS} !^on$
RewriteRule (.*) https://www.example.com/$1 [R,L]

After this you should see all browsing of HTTP to your site to be automatically redirected to HTTPS. Note: in some cases you will have to update all the links and content of your site to use links that are HTTPS also. There are useful plugins out there that can assist with doing a bulk conversion of this. Otherwise you users will not get the padlock icon on the page (or even cases where the page will not render entirely). Happy securing! Hope this helps, questions are always welcome.

MongoDB, Sitecore

Connect Sitecore xDB To A MongoDB On Rackspace’s ObjectRocket Platform With SSL

Jared Meredith

This was a fun experience. Anyway, let’s go. Got a 5GB $149/mo Medium pricing package from Object Rocket (Note: Small does not have SSL in its package).

ORPricing

So after you get someone to kindly pay for your package then you will get a login to Object Rocket and (more importantly) the ability to create a mongodb instance:

instance

Then once you have your instance you can create your user to add to the instance:

adduser

Once you have an instance and a user added to it then grab your SSL address:

address

So now you have instance databases, a database user, and a SSL address to connect to. From here we move to Sitecore. For the sake of keeping this short we are going to assume you have Sitecore Analytics enabled in your instance.

Once you have worked your magic then navigate to your ConnectionStrings.config (located in your web root/Website/App_Config and add the connection strings for the four pieces (analytics, tracking.live, tracking.history, and tracking.contact):

<add name="analytics" connectionString="mongodb://easyaspieuser:easyaspiepassword@iad-mongos2.objectrocket.com:25123/EASYASPIE_analytics?ssl=true;sslverifycertificate=false" />
<add name="tracking.live" connectionString="mongodb://easyaspieuser:easyaspiepassword@iad-mongos2.objectrocket.com:25123/EASYASPIE_live?ssl=true;sslverifycertificate=false" />
<add name="tracking.history" connectionString="mongodb://easyaspieuser:easyaspiepassword@iad-mongos2.objectrocket.com:25123/EASYASPIE_tracking_history?ssl=true;sslverifycertificate=false" />
<add name="tracking.contact" connectionString="mongodb://easyaspieuser:easyaspiepassword@iad-mongos2.objectrocket.com:25123/EASYASPIE_tracking_contact?ssl=true;sslverifycertificate=false" />

A couple things of note:

  • ssl=true indicates to sitecore and mongo that you are going to connect with SSL.
  • You can test your connection with a tool like Robomongo or Mongovue.
  • If you have an instance that has a network appliance in front of it (like in my case) then you will need to add sslverifycertificate=false to keep the SSL connection from trying to read a .pem file from you.
  • Parameters you pass need to be separated by a semi-colon. Yes, I thought ampersand as well (and even see it documented as such here). ObjectRocket was kind enough to help me figure that out.
  • If you are in a DMZ that is heavily firewalled then you will need the port number firewall exception put in for you (for my example it would be TCP 25123)
  • Troubleshoot by reading the Sitecore logs (usually located in your website instance/data/logs/)

Getting a successful connection will bring up data:

analytics

I hope this helps, questions are welcome!