I had CMSMS 1.10.3. Today I decided to upgrade it. I copied all files to my local apache server and I copied database. On local machine CMS works good. I successfully upgraded it. So, I tried to do same steps on internet page. Now when I try to log in I have communicate that all data will be send to unsecured page. Next I'm returning to login.php.
.htaccess
Code: Select all
# Attempt to override some php settings, these settings may be helpful on some hosts if your
# default configuration does not meet CMS's minimum requirements, and your host
# has given your account appropriate permissions
#php_value upload_max_filesize "10M"
#php_value session_save_path "tmp/cache"
#php_flag magic_quotes_gpc Off
#php_flag register_globals Off
#php_flag session.use_trans_sid Off
# (this is important, so uncomment if your host permit)
#Options -Indexes
#ServerSignature Off
#Options +FollowSymLinks
# To prevent E_STRICT problems with PHP 5.3+ you can uncomment the following lines
# Note: These settings should only be enabled for production sites!
#php_flag display_startup_errors 0
#php_flag display_errors 0
#php_flag html_errors 0
#php_value docref_root 0
#php_value docref_ext 0
<IfModule mod_rewrite.c>
RewriteEngine on
#
#Sub-dir e.g: /cmsms
RewriteBase /
# 301 Redirect all requests that don't contain a dot or trailing slash to
# include a trailing slash
# but ignore POST requests.
#RewriteCond %{REQUEST_URI} !/$
#RewriteCond %{REQUEST_URI} !\.
#RewriteCond %{REQUEST_METHOD} !POST$
#RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L]
# 301 Redirect all requests without www to www option
#RewriteCond %{HTTP_HOST} !^www\. [NC]
#RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
#RewriteCond %{HTTP_HOST} ^sr500.thumpers.pl/adminGDON58TE$
#RewriteCond %{HTTP_HOST} !^sr500.thumpers.pl/adminGDON58TE$
#RewriteRule ^(.*) https://www.sr500.thumpers.pl/adminGDON58TE/$1 [QSA,L,R=301]
RewriteEngine On
# ---- These lines was uncommented before ---- #
# jeżeli HTTPS nie jest włączony
#RewriteCond %{HTTPS} !=on [NC]
# przekieruj na https://
#RewriteRule ^ https://%{SERVER_NAME}/%{REQUEST_URI} [R,L]
# ---- ---- #
# Rewrites urls in the form of /parent/child/
# but only rewrites if the requested URL is not a file or directory
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]
</IfModule>
<IfModule mod_header.c>
# Disable ETags
Header unset ETag
FileEtag None
</IfModule>
<IfModule mod_deflate.c>
# Compress css, plaintext, xml, gif, and images in transport.
AddOutputFilterByType DEFLATE text/css text/plain text/xml image/gif image/jpeg image/png
</IfModule>
<IfModule mod_expires.c>
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
# Set expires tags on various files... so that the browser wont attept to reload them.
ExpiresActive On
ExpiresDefault "access plus 1 year"
<IfModule mod_header.c>
# Setting cache control to public allowes proxy servers to cache the items too.
Header set Cache-Control "public"
</IfModule>
</FilesMatch>
</IfModule>Code: Select all
<?php
# CMS Made Simple Configuration File
# Documentation: /doc/CMSMS_config_reference.pdf
#
$config['dbms'] = 'mysql';
$config['db_hostname'] = 'sql.page.pl';
$config['db_username'] = 'username';
$config['db_password'] = 'passwd';
$config['db_name'] = 'dbname';
$config['db_prefix'] = 'cms_';
$config['db_port'] = 3307;
$config['root_url'] = 'http://www.page.pl';
$config['timezone'] = 'Europe/Warsaw';
$config['default_encoding'] = 'utf-8';
$config['admin_dir'] = 'admin';
?>I comment two lines
Code: Select all
#RewriteCond %{HTTPS} !=on [NC]
#RewriteRule ^ https://%{SERVER_NAME}/%{REQUEST_URI} [R,L]