ninjette.org - View Single Post

Alex · April 7th, 2014, 04:04 PM

Seems like most of the issues have been sorted out. There are nuances in getting everything pushed correctly from:

http://ninjette.org
http://www.ninjette.org
https://ninjette.org
https://www.ninjette.org

to all be correctly pushed to and served from:

https://www.ninjette.org

even when there are subdirectories past the main domain coming in on the query, for all 4 choices. It takes a combination of mod_rewrites to add the www, and redirects between apache virtual servers to push all http traffic to https. For fun, go check any of your favorite sites that use SSL, and try all 4 combinations to see what happens. Just found out my main company's site is borked by a couple of these (Fortune 20).

Also learned that SSL certs are tied directly to "ninjette.org" or "www.ninjette.org", but not necessarily both. Many providers do not create certs that will work on both, and you have to pay extra for wildcard-type certs to cover that case. GoDaddy certs apparently include the domain.com and the www.domain.com, so it is working here by dumb luck, not because I understood that ahead of time.

Added a "site seal" in the footer, which allows the truly paranoid a separate check that my cert provider confirms that this is actually the right site, and the cert was obtained and installed correctly.

April 7th, 2014, 04:04 PM	#5
Alex ninjette.org dude Name: 1 guess :-) Location: SF Bay Area Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much. Blog Entries: 7	Seems like most of the issues have been sorted out. There are nuances in getting everything pushed correctly from: http://ninjette.org http://www.ninjette.org https://ninjette.org https://www.ninjette.org to all be correctly pushed to and served from: https://www.ninjette.org even when there are subdirectories past the main domain coming in on the query, for all 4 choices. It takes a combination of mod_rewrites to add the www, and redirects between apache virtual servers to push all http traffic to https. For fun, go check any of your favorite sites that use SSL, and try all 4 combinations to see what happens. Just found out my main company's site is borked by a couple of these (Fortune 20). Also learned that SSL certs are tied directly to "ninjette.org" or "www.ninjette.org", but not necessarily both. Many providers do not create certs that will work on both, and you have to pay extra for wildcard-type certs to cover that case. GoDaddy certs apparently include the domain.com and the www.domain.com, so it is working here by dumb luck, not because I understood that ahead of time. Added a "site seal" in the footer, which allows the truly paranoid a separate check that my cert provider confirms that this is actually the right site, and the cert was obtained and installed correctly. __________________________________________________ Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
	1 out of 1 members found this post helpful.