SotS Wiki - PmWiki - SetupHTTPS

The internet community is rapidly moving to ensuring all websites are secure by using Hypertext Transfer Protocol Secure (HTTPS).

Note that HTTPS and mobile friendly are used as ranking signals by search engines.

This page is a placeholder or work in progress, serving to amalgamate information from the email list and recipes to where it should be held in the main PmWiki pages.

HTTPS request handling by PmWiki

PmWiki already responds properly to https: requests -- it detects when a request comes in via HTTPS and converts its outgoing links accordingly. This doesn't need a new variable.

If you want to force all pmwiki-links to use https, then update $ScriptUrl accordingly:

$ScriptUrl = 'https://www.mydomain.com/path/to/pmwiki.php';

Chances are that a site is already setting $ScriptUrl in the local/config.php anyway -- it's one of the first things mentioned in docs/sample-config.php, and in the initial setup tasks documentation.

I'd be fine with updating docs/sample-config.php to include something like:

# If you prefer HTTPS over HTTP linkages:
   # $UrlScheme = 'https';
   # $ScriptUrl = 'https://www.mydomain.com/path/to/pmwiki.php';
   # $PubDirUrl = 'https://www.mydomain.com/path/to/pub';

PmWiki automatically redirect HTTP to HTTPS

To have PmWiki automatically redirect incoming HTTP requests to be a HTTPS request... that sounds recipe-ish. And it's much more efficient for it to be handled at the webserver level anyway (e.g., vis .htaccess, Redirect, etc.)

At the beginning of config.php add, for versions of PmWiki after 2.2.0-beta18

if ($UrlScheme == 'http') {
  header( "Location: " . "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
  exit('<html><body>
    <a href="https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . '">Please use HTTPS</a>
    </body></html>');
}
$ScriptUrl = "https://".$_SERVER['HTTP_HOST']."/pmwiki/pmwiki.php";
$PubDirUrl = 'https://'.$_SERVER['HTTP_HOST'].'/pmwiki/pub';

Certificate

A certificate from a Certificate Authority is required, a self-signed certificate is no longer adequate^[1].

Let’s Encrypt is a free, automated, and open Certificate Authority
- EFF's CertBot for automatically enabling HTTPS on your PmWiki deploying Let's Encrypt certificates.
- Certify the Web provides a Windows native client to acquire and install a Let's Encrypt certificate

References

Cookbook:SwitchToSSLMode

This page may have a more recent version on pmwiki.org: PmWiki:SetupHTTPS, and a talk page: PmWiki:SetupHTTPS-Talk.

Big View Home Edit History Recent Changes
TriadSkin powered by PmWiki	PmWiki Setup HTTPS The internet community is rapidly moving to ensuring all websites are secure by using Hypertext Transfer Protocol Secure (HTTPS). Note that HTTPS and mobile friendly are used as ranking signals by search engines. This page is a placeholder or work in progress, serving to amalgamate information from the email list and recipes to where it should be held in the main PmWiki pages. HTTPS request handling by PmWiki PmWiki already responds properly to https: requests -- it detects when a request comes in via HTTPS and converts its outgoing links accordingly. This doesn't need a new variable. If you want to force all pmwiki-links to use https, then update `$ScriptUrl` accordingly: `$ScriptUrl = 'https://www.mydomain.com/path/to/pmwiki.php';` Chances are that a site is already setting `$ScriptUrl` in the local/config.php anyway -- it's one of the first things mentioned in `docs/sample-config.php`, and in the initial setup tasks documentation. I'd be fine with updating docs/sample-config.php to include something like: # If you prefer HTTPS over HTTP linkages: # $UrlScheme = 'https'; # $ScriptUrl = 'https://www.mydomain.com/path/to/pmwiki.php'; # $PubDirUrl = 'https://www.mydomain.com/path/to/pub'; PmWiki automatically redirect HTTP to HTTPS To have PmWiki automatically redirect incoming HTTP requests to be a HTTPS request... that sounds recipe-ish. And it's much more efficient for it to be handled at the webserver level anyway (e.g., vis .htaccess, Redirect, etc.) At the beginning of `config.php` add, for versions of PmWiki after 2.2.0-beta18 if ($UrlScheme == 'http') { header( "Location: " . "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); exit('<html><body> <a href="https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . '">Please use HTTPS</a> </body></html>'); } $ScriptUrl = "https://".$_SERVER['HTTP_HOST']."/pmwiki/pmwiki.php"; $PubDirUrl = 'https://'.$_SERVER['HTTP_HOST'].'/pmwiki/pub'; Certificate A certificate from a Certificate Authority is required, a self-signed certificate is no longer adequate^[1]. Let’s Encrypt is a free, automated, and open Certificate Authority EFF's CertBot for automatically enabling HTTPS on your PmWiki deploying Let's Encrypt certificates. Certify the Web provides a Windows native client to acquire and install a Let's Encrypt certificate References Cookbook:SwitchToSSLMode This page may have a more recent version on pmwiki.org: PmWiki:SetupHTTPS, and a talk page: PmWiki:SetupHTTPS-Talk. Edit Page History Source Attach File Backlinks List Group Page last modified on June 18, 2017, at 08:26 AM
skin config pmwiki-2.3.32

Setup HTTPS

HTTPS request handling by PmWiki

PmWiki automatically redirect HTTP to HTTPS

Certificate

References