Missing headers, cookies are not set properly and causing security issues

Dieter Marohn Posted in Technical Support 6 years ago

Hi Guys,

I'ts been a while since my last visit on the forums. Hope you all doing oke!

I installed OSSN in its own subdirectory with the following specifications: i.e. Public_html/OSSN/

  • SSL
  • HTTP2.0
  • PHP 7.1
  • MySQL 5,7
  • 4CPU
  • 2GB ram

It runs lightning fast and without any PHP notices. Even PHP Mscript works on PHP 7.1 while is was going to be decrapted from PHP5.6. But it works. My Hoster told me...

The problem is with the cookies and security policies and option. Its quit easy, its just not there :)
Cookies are using HTTP while HTTPS is installed and working.
I think I'm doing things wrong with redirecting to the subdirectory and forcing HTPS with htaccess. But I'm not sure.
Scan Results:
https://securityheaders.com/?followRedirects=on&hide=on&q=dieterweer.nl

I was hoping that maybe some one could help me with my setup?
This is going a bit outer space for me ;)

Good Day and Thank You,
Dieter

Replies
Dutch Dieter Marohn Replied 6 years ago

I see...I start to believe that its some sort of new technology that is ready to be implemented.
My Hoster says sort of the same as you did.

Anyway, it kept me busy on my friday night and saturday all day...time for beer :D

Thank you very much for the effort.

Have a good day!

Dieter

Indonesian Arsalan Shah Replied 6 years ago

I have checked your website and your ssl seems work, the website you sent us shows some stuff need that can be configured by server settings (apache, php).

However without those things your website works , even the google shows the D grade, https://securityheaders.com/?q=google.com&hide=on&followRedirects=on so you should not much worried about it.

https://www.ssllabs.com/ssltest/analyze.html?d=dieterweer.nl&latest

Dutch Dieter Marohn Replied 6 years ago

Hi,

I did exactly that and SSL works. A grade. I realy dont know whats going on.

-Edit. My hostingprovider is on it as we speak. So I got good hopes!

Thanks!

Indonesian Arsalan Shah Replied 6 years ago

Hi, it seems you are trying to use ssl on your website ? please see https://www.opensource-socialnetwork.org/wiki/view/2671/how-to-enable-ssl-on-ossn

Premium Version

Due to the many requests in the past for additonal features and components we have decided to develope a premium version. Features like Hashtags, Videos, Polls, Events, Stories, Link Preview, etc included in it.

$199 (Life Time)
Learn More

Other Questions

  • The error appears Video upload failed
  • Upgrading to Premium Install
  • Component plugin development
  • Nginx vs Apache website speed and setup
  • Cannot add product all fields work except category
  • Notifications for events and surveys.
  • Auto posting account
  • Changing background color of Announcements
  • Paid ad for companies
  • Automatic OSSN Wall Update in Home Page
  • Group avatar/picture
  • Convert link to post
  • Is anything customizable?
  • Open Source Social Network 7.6 has been released
  • OSSN Support ActivityPub
  • Missing OssnServices component" and "TextareaSupport component"
  • Uploading files to posts
  • Share Public post on other socials
  • What is the process for upgrading from free to premium?
  • OSSN suggestion for deleting posts and photos on wall
    • © Open Source Social Network
  • About Project
  • Terms and Conditions
  • Privacy and Policy
  • Report Copyright Material
    • Useful Links
  • Get Open Source Social Network
  • Get the virtual machine image.
  • How to install Open Source Social Network?
  • How to report the bug?
    • Support
  • Contact Team Directly
  • Consult Community
  • Register an account
  • Login into account