BlackNova Gaming Network

I have just recently set up my web server for SSL HTTPS, using a certificate from an accredited certificate authority, all HTTP access is now redirected, but not BNT, is there a way to run BNT under HTTPS?

usalabs wrote: ↑Thu May 28, 2020 17:59 UTC I have just recently set up my web server for SSL HTTPS, using a certificate from an accredited certificate authority, all HTTP access is now redirected, but not BNT, is there a way to run BNT under HTTPS?

Just setup the web host to use HTTPS (port 443) and to use the certs and it will just work, we run BNT and the Forums over HTTPS without any issue.

I have,,,, all my web pages now use HTTPS except bnt, bnt is not a vhost, it's a sub-folder off of my main site, linked using Apache doc redirect, IE, my main site resides at /var/www/e107 (not html) and I set Apache doc root to that location, then I created a new folder at /var/www/bnt and set Apache's doc redirect to point to that location when appending /traders to the end of the url.

EG
https://home-regions.no-ip.org shows an offline page while I'm setting it up, and all links within that site also use HTTPS
https://home-regions.no-ip.org/traders seems to go back to using HTTP not HTTPS and the site settings show I'm using a valid certificate, it's just that bnt is not using HTTPS for some reason.

Your BNT is using HTTPS and its secure, its just moaning that not all your links / images etc are using HTTPS in them.
I have tracked it back to the Sourceforge link located in footer.php.

Look for http://sflogo.sourceforge.net in footer.php (around line 97) and change that to https://sflogo.sourceforge.net and it should then be fine, just repeat that when you find a HTTP in a URL.

I changed that line and other ones that have HTTP in the url, but I still get the same result, how do you find which items are insecure? It used to be I could click on the padlock and it'll show any insecure files or images, etc etc, but I can't do that with chrome.

Ok, I found it, I have two versions of BNT installed, one for testing and the main one I use live, and I was changing the test one lol

The console is showing 2 of these error though:-

Mixed Content: The page at 'https://home-regions.no-ip.org/traders/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Ubuntu'. This request has been blocked; the content must be served over HTTPS.

Which file is that HTTP url in?

That would be in header.php