Luis E. Suarez
2018-08-28 23:15:36 UTC
HI,
I have several HTTP sites running TYPO3 in shared servers. I have
converted the first one to SSL and seems to be working just fine, except
that got a penalty for not supporting Forward Secrecy and that means a B
at Qualys SSL Labs.
Now, regarding TYPO3 (ver. 6.2x).
Aside from the obvious config.baseURL plus a redirect in .htacces and so
on, have not included in TYPO3 any other SSL tweaking like those
recommended at:
https://www.nitsan.in/blog/post/the-unconventional-guide-converting-your-typo3-site-from-http-to-https-ssl/
In a couple of pages I tried:
Page Properties > Behaviour > Use Protocol and see no difference using
https:// or Default options.
BTW, I still use config.baseURL instead of config.absRefPrefix but I
think it doesn't matter for SSL.
The question is: Is it really necessary to make in TYPO3 all those
recommendations?
I have several HTTP sites running TYPO3 in shared servers. I have
converted the first one to SSL and seems to be working just fine, except
that got a penalty for not supporting Forward Secrecy and that means a B
at Qualys SSL Labs.
Now, regarding TYPO3 (ver. 6.2x).
Aside from the obvious config.baseURL plus a redirect in .htacces and so
on, have not included in TYPO3 any other SSL tweaking like those
recommended at:
https://www.nitsan.in/blog/post/the-unconventional-guide-converting-your-typo3-site-from-http-to-https-ssl/
In a couple of pages I tried:
Page Properties > Behaviour > Use Protocol and see no difference using
https:// or Default options.
BTW, I still use config.baseURL instead of config.absRefPrefix but I
think it doesn't matter for SSL.
The question is: Is it really necessary to make in TYPO3 all those
recommendations?