Few important articles from Google's official security blog site: https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html https://security.googleblog.com/2015/12/indexing-https-pages-by-default.html https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
Kind Regards Ashish Vijaywargiya HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya < ashish.vijaywarg...@hotwaxsystems.com> wrote: > Thanks, Jacques, Please feel free to get it done and let me know if some > help is required from my side. Thanks! > > -- > Kind Regards > Ashish Vijaywargiya > HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/> > > > > On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux < > jacques.le.r...@les7arts.com> wrote: > >> We can handle it ourselves. It's puppetised. The file is >> infrastructure-puppet\data\roles\tlpserver.yaml at >> https://github.com/apache/infrastructure-puppet.git in origin/deployment >> branch >> >> OFBiz block is >> >> ofbiz: >> vhost_name: '*' >> port: 80 >> servername: 'www.ofbiz.org' >> docroot: '/www/ofbiz.apache.org' >> manage_docroot: false >> serveraliases: >> - 'ofbiz.org' >> serveradmin: 'us...@infra.apache.org' >> access_log_file: '/x1/logs/weblog.log' >> error_log_file: '/x1/logs/errorlog.log' >> custom_fragment: | >> Redirect permanent / http://ofbiz.apache.org/ >> UseCanonicalName On >> RewriteEngine On >> RewriteOptions inherit >> >> # bigfiles.ofbiz.org >> RewriteCond ${lowercase:%%{}{HTTP_HOST}} >> ^bigfiles(?:\.\w+)?\.ofbiz\.org$ >> RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L] >> >> So we should add a ssl block and redirect http block to https as >> explained at https://wiki.apache.org/httpd/RedirectSSL >> >> We can do a PR for that. Then it's better with an INFRA Jira because it's >> then seen and prioritised by the Infra team >> >> Jacques >> >> >> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit : >> > +1 >> > >> > I'm not sure any effort is needed from our side? We just need to >> coordinate >> > with infra right? >> > >> > On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya < >> > ashish.vijaywarg...@hotwaxsystems.com> wrote: >> > >> >> Hello Team, >> >> >> >> I think we should put some effort and make it work like if some user >> hits >> >> http://ofbiz.apache.org(default port http) then the user is >> redirected to >> >> https://ofbiz.apache.org(Secure port https) >> >> >> >> For now, the user sees a message "Not Secure" in the Google Chrome >> browser >> >> URL if the user comes to the official ofbiz website. This message can >> >> confuse the end user and he can move away if he is the new user >> visiting >> >> the project website. >> >> >> >> This issue can be easily addressed by setting up the apache redirects. >> This >> >> change will also help the project URLs from SEO point of view. >> >> >> >> Please share your thoughts then we can plan the things accordingly. >> >> Thanks! >> >> >> >> -- >> >> Kind Regards >> >> Ashish Vijaywargiya >> >> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/> >> >> >> >>
