OJS https configuration


I just installed a new ojs site and I’m having some problem to get the https working correctly.

I found this https://pkp.sfu.ca/support/forum/viewtopic.php?t=11261 and when I edit the file lib/pkp/classes/core/PKPRequest.inc.php to change this line:

$_this->_protocol = (!isset($_SERVER['HTTPS']) || strtolower_codesafe($_SERVER['HTTPS']) != 'on') ? 'http' : 'https';
to this:
$_this->_protocol = (!isset($_SERVER['HTTPS']) || strtolower_codesafe($_SERVER['HTTPS']) != 'on') ? 'https' : 'https';
My site work fine with https.

Is there a way to apply this change permanently ?

1 Like

Hi Tchevass,

What problem do you have?

Have you set up the force_ssl = Off or force_login_ssl = Off in the config.inc.php?

Actually, it should work, s. for example https://www.querelles-net.de

Bozana Bokan

When I configure my website to allow http and https I get a redirect loop with force_ssl = On

But when I modify lib/pkp/classes/core/PKPRequest.inc.php to remplace http to https, my site allow only https

Hmmmm… I suppose the force_ssl is always redirecting to https, thus I believe you cannot use this option and have both http and https. Did you then also use some other rewrite rules on the server to also allow http, that then lead to the infinite loop? Maybe then to use only force_login_ssl? Or always use https.

I tried to use https only, but it seems like my link are using http.

Ex: home page is using https but when I click on About I get a 404 because the server is looking for http://example.com/ojs/index/about

You should then have both server configurations, for example both vhosts, for http and https without any redirecting there and let OJS always redirect it to https (with force_ssl).

Hi, recently migrated my site to another server and installed ssl certificate. Unfortunately, all the previous http link cant be access and user need to put https on the link. Is it possible to redirect old http link to https?

Please help me

Hi @Emi_Naza,

That’s more of a web server configuration question than an OJS question – but see the force_ssl option in config.inc.php.

Alec Smecher
Public Knowledge Project Team