joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https Topic is solved

General questions relating to Joomla! 3.x.

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting.
Forum Post Assistant - If you are serious about wanting help, you should use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10
Post Reply
sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Mon Oct 25, 2021 8:52 am

My website is not configured with an SSL certificate. Both the foreground and the background are http, but what is going on when the background requests https by default after logging in, see the attachment.
Please help me if you know it, thank you!
You do not have the required permissions to view the files attached to this post.

sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Mon Oct 25, 2021 10:06 am

Come here

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 7237
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by AMurray » Mon Oct 25, 2021 9:43 pm

I don't know but your site should really be SSL enabled.

Only thing I can think of is in the configuration file, set "$Force_SSL" to "0" (if it is set to "1")

Or maybe there's some configuration on your host that's automatically turning it on (despite an apparent lack of SSL certificate), or it is in fact SSL enabled (from your web-host site, not joomla) and you don't realise it? Maybe your host has set basic SSL, which can be later replaced by whatever SSL you install.

I've never seen that setting "Mandatory use of SSL".

In my site it's simply "Force SSL" (that's a Joomla 4.0 site).

There's other settings in that screenshot that are also worded differently - maybe it's simply a translation thing, I don't know.
Regards - A Murray

sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Tue Oct 26, 2021 2:08 am

AMurray wrote:
Mon Oct 25, 2021 9:43 pm
I don't know but your site should really be SSL enabled.

Only thing I can think of is in the configuration file, set "$Force_SSL" to "0" (if it is set to "1")

Or maybe there's some configuration on your host that's automatically turning it on (despite an apparent lack of SSL certificate), or it is in fact SSL enabled (from your web-host site, not joomla) and you don't realise it? Maybe your host has set basic SSL, which can be later replaced by whatever SSL you install.

I've never seen that setting "Mandatory use of SSL".

In my site it's simply "Force SSL" (that's a Joomla 4.0 site).

There's other settings in that screenshot that are also worded differently - maybe it's simply a translation thing, I don't know.
I thought it was a problem with nginx configuration at first, but after looking at the configuration, 443HTTPS was not configured.
The port is the default HTTP for accessing the login page of the front and back of the website. So I think it may be the problem of joomla settings. I read the Force SSL parameter in the configuration file you mentioned, and it is always 0. Thank you for your answer.

sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Tue Oct 26, 2021 2:33 am

sjma wrote:
Mon Oct 25, 2021 10:06 am
Come here
After clicking the login button, a 303 POST request will be initiated. Location jumped to HTTPS.
You do not have the required permissions to view the files attached to this post.

SharkyKZ
Joomla! Hero
Joomla! Hero
Posts: 2016
Joined: Fri Jul 05, 2013 10:35 am
Location: Parts Unknown

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by SharkyKZ » Tue Oct 26, 2021 8:16 am

There is a separate option in the login module https://help.joomla.org/proxy?keyref=He ... =en#Module.

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 7237
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by AMurray » Tue Oct 26, 2021 12:55 pm

One strange thing, the fact you don't get any errors displaying the page (when it directs to https:) suggests a certificate is in operation, otherwise I would expect it to give you some sort of browser error about "this connection is not secure...." (or some other such SSL configuration error). You have said you don't have SSL active, yet it seems to be working, even though you have stated you haven't set it up specifically.

Maybe it's a shared certificate - many hosts may have such a thing that is enabled by default, but most users would then get their own certificate installed e.g. Lets Encrypt (free) or a third party SSL providers, or through their hosting provider.
Regards - A Murray

sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Wed Oct 27, 2021 6:08 am

SharkyKZ wrote:
Tue Oct 26, 2021 8:16 am
There is a separate option in the login module https://help.joomla.org/proxy?keyref=He ... =en#Module.
Thank you for your answer. I have read this module and it is set to not use SSL encryption

sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Thu Oct 28, 2021 6:12 am

The current situation is that I modified the redirect method of joomla's WebApplication.php file and replaced it. The login and logout are no problem, but some buttons still do not work when editing the article, and the requested https is still clicked.
You do not have the required permissions to view the files attached to this post.

sjma
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Wed Sep 08, 2021 6:27 am

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by sjma » Thu Oct 28, 2021 7:55 am

To solve this problem, there is no need to change the WebApplication.php file. I directly modified the getInstance method of the joomla project/libraries/src/Uri/Uri.php and added a line of code. This is just a time-consuming solution for not setting up an SSL certificate. If you want to set up an SSL certificate in the future, you will have to cancel this line.
You do not have the required permissions to view the files attached to this post.

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 7237
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: joomla The url of the login page in the background is http, but after clicking the login button, it jumps to https

Post by AMurray » Thu Oct 28, 2021 9:08 am

That change will be wiped out with the next update you do to the core.

It would be easier to just set up SSL. You can get it free from Let's Encrypt. Your host may even offer that.
Regards - A Murray


Post Reply

Return to “General Questions/New to Joomla! 3.x”