Copy link to clipboard
Copied
Hi,
I recently installed a wildcard SSL certificate on our domain artgalore.ca.
Soon after, I started to get support emails from customers to say they could no longer access the site because of a 403 error, as seen below. When I turned off my anti-virus software, I was able to access the site. I searched a couple of forums for specifics, nothing seems to be working.
Any help is appreciated.
Arny
Copy link to clipboard
Copied
It looks like you've disabled plaintext HTTP and only enabled HTTPS. That's actually fine, as long as no one tries to connect via HTTP. But in your screenshot, you're trying to connect via HTTP. What you might want to do is leave both HTTP and HTTPS enabled, then use either IIS or CF to redirect all HTTP requests to HTTPS, then for good measure add an HSTS response header so that future requests from the same client will use HTTPS automatically.
Dave Watts, Eidolon LLC
Copy link to clipboard
Copied
Hi Dave,
Do you have an example script?
Arny
Copy link to clipboard
Copied
Something along the lines of this in Application.cfm or Application.cfc:
<cfif not cgi.https>
<cflocation url="https://#cgi.server_name##cgi.script_name#?#cgi.query_string#" />
</cfif>
Dave Watts, Eidolon LLC