Discuz X3 HTTPS Deployment Practice and Troubleshooting

I recently deployed several Discuz HTTPS servers, both new and old. There were quite a few pitfalls, so I'm summarizing and organizing them here.

First, this is something that needs to be done regardless of whether it's a new or old website:

1. Deploying an HTTPS certificate (I won't go into detail about this; you can search for my previous articles if you're interested, or leave a comment if you have any questions).

II. Discuz program support

Actually, starting with Discuz! X3, it already includes support for HTTPS. If you access the forum using HTTPS, all links in the forum will become HTTPS. If you find that most links are already using HTTPS, it means Discuz has automatically recognized it. At this point, you can...Skip this stepProceed directly to the next step.

Discuz uses $_SERVER['HTTPS'] to determine SSL, but nginx cannot use this method to identify it, so some adjustments need to be made to the Discuz program (to use $_SERVER['SERVER_PORT'] to determine it).

1. Open source/class/discuz/discuz_application.php (around line 187):

$_G['isHTTPS'] = ($_SERVER['HTTPS'] && strtolower($_SERVER['HTTPS']) != 'off') ? true : false;

Revised to:

$_G['isHTTPS'] = ($_SERVER['SERVER_PORT'] == 443 || $_SERVER['HTTPS'] && strtolower($_SERVER['HTTPS']) != 'off') ? true : false;

2. Open uc_server/avatar.php (around line 13):

define('UC_API', strtolower(($_SERVER['HTTPS'] == 'on' ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'))));

Revised to:

define strrpos($_SERVER['PHP_SELF'], '/'))));

3. Backend settings

There are some settings in the background that might interfere with the use of HTTPS.

a. In the backend > Site Admin > UCenter Settings > UCenter Access Address, change it to one starting with https.

b. In the UCenter backend > Application Management > Application's main URL, change it to start with https.

Additionally, some settings in the Admin Panel > Global > Domain Settings may also cause HTTPS to fail. If you still cannot enable it after following the previous steps, you can try temporarily deleting these settings.

c. Clear the cache. After completing the settings, you need to clear the cache for the settings to take effect.

After completing these steps, a new website should be fully HTTPS-enabled. For older websites, there might be some issues, depending on the specific circumstances. Below are some issues I encountered.

1. The links for {STYLEIMGDIR} and some style images are still HTTP.

Open source/function/cache/cache_styles.php and find the following three items:

$cssdata = !preg_match('/^http:\/\//i', $data['styleimgdir']) $cssdata = !preg_match('/^http:\/\//i', $data['imgdir']) $cssdata = !preg_match('/^http:\/\//i', $data['staticurl'])

Replace /^http:\/\//i with /^http/i, then save and overwrite.

2. Administrator login issues with DiscuzTips

You can delete this directly from the template's footer, or you can open source/plugin/manyou/Service/DiscuzTips.php and find it there. echo $jsCode; Add before // Comment it out.

3. UCenter communication fails after enabling HTTPS.

Open the file uc_server/model/misc.php in the directory;

Find line 69 (as shown in the image below) and insert the following code:

if (substr($url, 0, 5) == 'https') { $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); if ($post) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); } if ($cookie) { curl_setopt($ch, CURLOPT_COOKIE, $cookie); } curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); return curl_exec($ch); }

We will continue to update this if any new questions arise. Feel free to leave a comment or ask a question.