Jim, I'm sorry but I don't understand your request. Why do you need this in the admin panel?

There should be a simple switch that makes your oxwall site fully https secured.

Wordpress has a plugin that does this why can't oxwall?

Rankings now play a big factor in ssl. This needs to be priority. I would stop all productions until this gets added.

ssl is not a big factor in rankings 
but yes it does help 

have you tryed run site full https and use htacess to turn it of on pages like newsfeed

or blogs

 RewriteCond %{HTTPS} on

RewriteCond %{REQUEST_URI} /blog

RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R,L]

ohhh and you need do this
Edit ow_core/application.php

Remove or comment out the line 527: $this->httpVsHttpsRedirect();

as this stops  htacess from turn ssl on for a page or for turn it off for a page 

i will give it a shot. thnx tammy

Tammy, this method httpVsHttpsRedirect() was specifically added to core files and it allows to redirect to https the certain pages and you may break down other parts of software by commenting this line. That is why we strongly recommend not to modify the core files.  Also when you update your site - all the changes you've made will be lost.

Tammy's suggestion helped me narrow down the issue i was having.

100% understand that a update will remove the edit.

Oxwall should reflect on this and make this feature more stable.

I shouldn't have to change any settings for https to work. I should have control of that via http.conf virtual host.

All sites that i have on my servers can be http or https withought me having to change anything because I created a virtual host for them all with port 80 and port 443.

if all directory paths in the script just uses some kind of $HOST line and then /directory then this could be easily accomplished.  Problem is there is a lot of plugins and core files that doesn't do this and has static http in the script it compiles and cant be changed unless you manually do it.

The easiest solution would be to make a simple switch that will change all links virtually into https without it really modifying anything.

There is a really good dev right now that is working on such a plugin and should be released soon. I can't wait  lol :)

"There is a really good dev right now that is working on such a plugin and should be released soon. I can't wait  lol :)"

I am facing big problems trying to set up my site with https...

is there any news about this dev which was working on that plugin?

A plug in is not the answer 

There so much things across oxwall platform and base plug-ins and 3rd  party plug-ins that it to much for a plug in to fix and the dev will go mad at try keep up when anything is updated

The only way this will be fixed and stay fixed is oxwall fixing there core and plugins and forcing 3rd party dev to fix there plugin 

Any plugin will only ever be tem  fix and not worth buying

 

I've been working on putting up this site for last few weeks and now I am banging my head on the wall trying to make it work with ssl.

at the begging I wanted of course to force ssl for non-ssl as well but then I hit lots of problems.

now I dropped the idea and I just want to enable ssl for the site and still I can't make it work. 

this is a shame and so frustrating. 

If you got that far and read through here, please do not redirect with 301 this is pretty bad cause if you want to revert this redirect it will be a headache. Use instead 302.

RewriteCond %{HTTPS} !=on

RewriteRule ^(.*)$ https://afinitate.ro/$1 [R=302,L]

Using HTTPS should be a final decision, 301 is fine and preferable in SEO. There's no reason for a secured website to switch back to something that isn't secure.

Though I do understand with Oxwall and a new website, you might want to revert back since SSL is currently poop with Oxwall. That makes sense.

ok, I solved it. 

the ssl works, all you have to do is to switch the http to https in the config.php

not redirect is needed, that was a major disturbance for me and led me to wrong paths and a lot of headache. 

but you have to make sure you have this in your site.conf file site-ssl.conf file (apache2 ubuntu 14)

DirectoryIndex index.php index.html index.shtml index.htm default.html Default.htm default.html Default.html default.shtml Default.shtml page1.html index.pl index.cgi index.php3 index.phtml home.htm home.html home.shtml index.wml


Options FollowSymLinks
AllowOverride All


Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all


ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

AllowOverride All
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all

yes that is the correct way to have your oxwall site use https but it causes alot of problems. It forces every link to https even if it is a site that doesn't use https and it breaks the links. There should be a shortcode or some kind of class you could add to the link to make it stay http if you want it to.

So if you have flash games for example on your site and they link to some server just using http   it will change it to https and the game will no longer work. The solution Chase was to just redirect the user to the non ssl site in there own window and it fixes that problem. I have to manually edit all my old games that doesn't support ssl to this new method. 

I wish it would force all non ssl links to open in new window and keep it non ssl.

JoshWho, you are way more advance in this adventure than me. Thanks for sharing all this cause it opens my vision for the future. With all these problems I might have to leave oxwall behind and move onto a different platform.

Bryan, "Using HTTPS should be a final decision, 301 is fine and preferable in SEO".

Of course should be final decision, however nobody was saying it when 301 was suggested. A more elegant way is to use 302 while setting it up initially, play with it, test it and then if everything is good and permanency is wanted change it to 302.

thank you for your thought

JoshWho, can you please clarify it for me, do you now have httpVsHttpsRedirect() commented out?

cause as I can see it that is a core function, without it https would be broken. To comment it out, as far as I understand now it is also a pretty bad peace of advise.

I do not understand the platform yet. Can we put together a plan, step by step, in detail, what has to be done in code to fix the https?

This would be the first step I think.

After that to find the resources which can execute those steps.