Reading the Github work item #4322 Drop "securitysettings.forcesslforallpages" setting , It implies that the code to force SSL redirect at the application level has been stripped out in 4.3.
Certainly the behaviour I have seen in 4.3 is that the store is still accessible on http 80 even if you check the require SSL box in store configuration.
SSL redirect must now be performed by the webserver, load balancer, etc.
I can help with this on linux NGINX. For IIS I think a web.config re-write rule is required.
I have nopCommerce 4.20 multi store implementation with Prisma theme from nopTemplates.
All major SEO checkers report a critical issue related to non www -> www redirect. Ex https://www.woorank.com/en/www/roomalert.ro
My SEO settings require all pages to have www prefix is active. I have SSL enabled with the only one host value: www.roomalert.ro .
I tried also to add IIS URL rewrite rules. For http to https I have a 301 redirect. but for nonww to www it’s not working (with 301 redirect).
If I request http://roomalert.ro I get response from https://www.roomalert.ro (but without 301 redirect). For site users is ok but for SEO checkers is not.
What else can I try to fix this SOE issue?
Below you can find webconfig URL rewrite settings:
I ever have the same problem with Nop 4.3, my environment is: - Ubuntu 20.04 - Nginx - MySql Below is my workaround: - Setup ssl cert in nginx - Set store url to https://xxx: Go to Admin/Configuration/Store:In the list, - make sure 'Store URL' is using https - make sure 'SSL enabled' is checked - Change setting in appsettings.json: "UseHttpXForwardedProto": true <-- This is work I missed After above configuration applied, make sure you restart both nginx and your nopcommerce application. Hope help
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.