yggdrasil Posted December 7, 2018 Share Posted December 7, 2018 It would be nice if WHMCS developers decide to switch to HTTPS for all links on domains/urls on the admin side, or at least give us a choice. Its very annoying that when you open a customer domain or another URL it defaults to HTTP only. I understand this comes from legacy code, but since the web is moving towards https only, I see more sites with HTTPS than without it. In particular since most browsers now complain the site is insecure. 'm talking about the links in the admin and customer profile. My installation and site runs only under https for years but opening the www button and other links from the admin interface still does this with http://example.com for customers domains and it forces me to manually edit the url in the browser when some site complaints about the certificate. In most cases I also need to test or debug the https version only so I don't care about opening the HTTP site. 0 Quote Link to comment Share on other sites More sharing options...
slim Posted December 11, 2018 Share Posted December 11, 2018 The sites your opening are not coded properly then. Sites should be redirecting visitors (without any error) to the https:// equivalent. Usually this is done via .htaccess redirect. 0 Quote Link to comment Share on other sites More sharing options...
bear Posted December 11, 2018 Share Posted December 11, 2018 51 minutes ago, slim said: The sites your opening are not coded properly then. Sites should be redirecting visitors (without any error) to the https:// equivalent. Usually this is done via .htaccess redirect. That's on the client running the site, not the WHMCS admin clicking a link to go there from within WHMCS. As for that link being http or https, not all sites have gone secured, so it's a toss up as to which will be correct in all cases. Hard to predict which it will be... 0 Quote Link to comment Share on other sites More sharing options...
yggdrasil Posted December 11, 2018 Author Share Posted December 11, 2018 1 hour ago, slim said: The sites your opening are not coded properly then. Sites should be redirecting visitors (without any error) to the https:// equivalent. Usually this is done via .htaccess redirect. Did you even read what I posted? I'm talking here about WHMCS and the links you click on WHMCS staff side, not how someone has his website/server configured. 0 Quote Link to comment Share on other sites More sharing options...
yggdrasil Posted December 11, 2018 Author Share Posted December 11, 2018 11 minutes ago, bear said: That's on the client running the site, not the WHMCS admin clicking a link to go there from within WHMCS. As for that link being http or https, not all sites have gone secured, so it's a toss up as to which will be correct in all cases. Hard to predict which it will be... Yes, I understand this is why it should be optional. Maybe a switch on the settings to default links on domains to HTTP or HTTPS (admin choice). While not everyone has switched to HTTPS yet, I would say that the % now is more inclined to HTTPS than HTTP. I personally would prefer to open them in HTTPS now. 0 Quote Link to comment Share on other sites More sharing options...
slim Posted December 12, 2018 Share Posted December 12, 2018 (edited) Yes, I read and fully understood what you wrote. My point is valid - WHMCS's default behavior is perfectly fine linking to HTTP:// because sites should be coded CORRECTLY to redirect visitors to https:// Any site that doesn't has a technical issue that should be solved. Edited December 12, 2018 by slim 0 Quote Link to comment Share on other sites More sharing options...
bear Posted December 12, 2018 Share Posted December 12, 2018 3 hours ago, yggdrasil said: Yes, I understand this is why it should be optional. I know you understand, I was referring to slim's post (and why I'd quoted it). 😉 I agree there could and should be a setting to choose, but it's like so many things in this system (hard coded UK dates on domain sync, for instance), it gets encoded and untouchable or needs yet another hook. 0 Quote Link to comment Share on other sites More sharing options...
yggdrasil Posted December 12, 2018 Author Share Posted December 12, 2018 (edited) 8 hours ago, slim said: Yes, I read and fully understood what you wrote. My point is valid - WHMCS's default behavior is perfectly fine linking to HTTP:// because sites should be coded CORRECTLY to redirect visitors to https:// Any site that doesn't has a technical issue that should be solved. No, your point is not valid. Nobody has control on what other websites do on the Internet. Some domains in our WHMCS are not hosted with us, we can't do anything if they are not redirected to HTTPS by default. Your logic is that we should contact them and tell them to please redirect to HTTPS so our staff or admin can avoid typing S in the address bar manually? Good luck with that! If I want HTTPS I should request that, not HTTP. Why would I request an insecure protocol when I want the secure one? Second, using HTTP and not redirecting to HTTPS is not a technical issue, it's a choice. Its not incorrectly coded either. Some domains might prefer to stick to HTTP for their own reasons, again, why should I or you or anyone else tell someone how they should manage their websites? You don't seem to realize that we are not talking here about what people do on their websites/server. Some domains might not even resolve because they have no hosting, or some are not redirect to anywhere...and are just dead. This has nothing to do with how websites are setup on a server. You are confusing things. We are talking here about how you open links on the admin side inside WHMCS for customers domains, not how people decide to setup their websites on what ever cloud or service they picked. You also contradict your own point. First you say WHMCS works perfectly fine (using HTTP on links) but then claim it's a technical issue on those sites... Why would you use HTTP and then redirect to HTTPS when you can use HTTPS directly? If you want one protocol, you should request exactly that, not something else and expect a redirection. Redirections have overhead, and they also take longer. Even if all websites in the world use HTTPS tomorrow, it would be really moronic to still link all websites to HTTP instead of HTTPS (because you assume they should redirect). Why would you prefer to have your browser take longer to load a site on every single click? Why would you prefer a web server to redirect first when you can request the correct request from start? Websites redirect to HTTPS because a lot of older software and protocols (just like WHMCS) use to HTTP by default. This is the main reason. It's a temporary fix, not a solution, you are not supposed to stick to redirections in the long run. If you want to go more technical, using HTTP by default means you are connecting with an insecure handshake first, before redirecting to HTTPS. In fact its not even allowed under HSTS anymore which means redirecting from HTTP to HTTPS is completely avoided, you should not even accept HTTP connections at all if you are planning to go that route: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security Edited December 12, 2018 by yggdrasil 0 Quote Link to comment Share on other sites More sharing options...
wrefewd Posted December 12, 2018 Share Posted December 12, 2018 hello this is my problem too and how can i solve it ? کانفیگ سرور 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.