Https Everywhere

[NetworkJack]

If you are like us, the only supported protocol for accessing Blesta is via https. To that end, all links sent in emails should have https based links instead of the default http

 

Here is a quick SQL call to make that happen without having to go into the interface and change each email template manually:

 

UPDATE `emails` SET `text`=REPLACE(`text`, 'http:', 'https:'), `html`=REPLACE(`html`, 'http:', 'https:')

 

[Michael]

I just force https on the apache file (HSTS)

[mrrsm]

I just force https on the apache file (HSTS)

That will force it back to https but it doesn't fix the fact you should be sending people to the https directly from your links regardless.

 

 

UPDATE `emails` SET `text`=REPLACE(`text`, 'http:', 'https:'), `html`=REPLACE(`html`, 'http:', 'https:')

That is useful as doing them manually sucks as it takes a while otherwise

[serge]

thanks for the contribution, I suppose Blesta use only http as not all people using Blesta will have a SSL certificate.

 

but in the wait of an option from Blesta, I do like your contribution

[cloudrck]

thanks for the contribution, I suppose Blesta use only http as not all people using Blesta will have a SSL certificate.

You'll probably right. But unless you're developing, there is no reason to not have a SSL certificate for running Blesta. I would hope Blesta intends on changing setup so TLS is expected.