Support community for TTG plugins and products.
NOTICE
The Turning Gate's Community has moved to a new home, at https://discourse.theturninggate.net.
This forum is now closed, and exists here as a read-only archive.
You are not logged in.
Pages: 1
Well, then that's where I feel doubly stupid if you're not using FTP to transfer. We haven't done that much with Backlight other than have a handful of clients make selects using the feedback plugin. In setting up and configuring the site I enabled the SFTP listener — and I'm sure with some digging I could find that again — but promptly forgot about it. Then while reviewing the monthly statement a couple of months later found my average AWS invoice had jumped from around $70/mo to $300+/mo.
We have several domains and subdomains for our client work in marketing and the easiest/cheapest scalable solution we found was to host through AWS using Route53 for domain management and SSL, and the load balancers are required for the EC2 instances (if you're using Route53) but they also help with our clients abroad.
Have been running Backlight 2.x and plan to update to 3.x when I have the time.
Right, the EC2 instance is very inexpensive to run, even with having AWS handle load balancers and domain duties. It's adding the listener for SFTP transfer in order for Lightroom to upload to that caught us by surprise; that runs $7.20/day and took some sleuthing to figure out why.
When I have some time I'll do a test to see if there's a way to split the duties so the Backlight administration site remains in an EC2 instance, but the assets are offloaded to an S3 bucket. That way I should be able to at least upload and manage files easily using FTP tools. Worst case, I'll just offload the whole thing to a separate server that has SFTP built-in.
We do most of our site work and hosting on Amazon's AWS services and successfully mounted a Backlight site a few months ago inside one of our EC2-hosted sites. However, that came with an expensive lesson; it required enabling FTP to run in the background and surprised us with almost $300/mo in fees (discovered after two months). So that's not really an option anymore.
Since Backlight behaves like a static site I'm thinking there might be a way to host our photo site using S3. SQLite doesn't require the server structure of a MySQL database site, but since the files are PHP-based I don't see an easy way to make this work and wonder if anyone has tried this with success (or found it couldn't be done).
Thanks for any insights!
m.
Credentials sent.
I found the solution for the backend of my Backlight site in the URLHelper file (backlight/modules/module-framework/helpers/URLHelper.php). Going to line number 292 and changing the protocol from 'http' to 'https' forces all of the scripts and css files in the site to conform to HTTPS and the errors disappear. No idea why some content can sneak past this and be flipped over to https on the front end, but at this point I'm just glad to have the site working properly.
Obviously this tweak would be a bad idea in a mixed https/http or strictly http environment, but if you know everything is being run through SSL it's a winner.
Hmm, nope, that didn't do it. I'm working on the site styling right now and will send credentials at the end of the day. Thanks!
No, the site was flipped over to https about 9 months ago. I just tried the Update Backlight Index Files again; still with no success on the backend. Everything is up-to-date, especially since the site was reinstalled just two days ago. Ha!
I tried that earlier and broke the site, having to reinstall when I couldn't find the configuration file in the admin section to change it through a text editor. If you can point out where to do that I'll try it again, but I'm nervous at the idea of locking myself out again.
Thanks for the input. The site at the root is running Joomla on an AWS EC2 Linux 2 instance, with everything https. This Backlight site is one folder deep (base-site/photos/) and that's where this has me stumped... I know the firewall on the site isn't preventing anything (I've turned it off for testing) and the parent site .htaccess file has been commented out, so it's not that either.
I suppose it could relate to directory ownership and permissions. I reinstalled the site a few times trying to get the kinks worked out on the front end, but the permissions inside the backlight folder all match the installer (apache:apache, 775/664)... and I can't imagine how that would default a few core css/js files to serve as http.
Really strange.
Howdy, I've spent the better part of two days adjusting .htaccess files attempting to get the backend to force HTTPS across the board.
I'm getting these consistent errors for insecure mixed content (URL obviously changed on the dev site):
Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure stylesheet '<URL>'. This request has been blocked; the content must be served over HTTPS.
(index):13 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/normalize.css'. This request has been blocked; the content must be served over HTTPS.
(index):14 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/structure.css'. This request has been blocked; the content must be served over HTTPS.
(index):15 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/navigation.css'. This request has been blocked; the content must be served over HTTPS.
(index):16 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/style.css'. This request has been blocked; the content must be served over HTTPS.
(index):17 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/grid-framework-12col.css'. This request has been blocked; the content must be served over HTTPS.
(index):18 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
(index):20 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/jquery.fancybox.min.css'. This request has been blocked; the content must be served over HTTPS.
(index):22 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/magnific-popup.css'. This request has been blocked; the content must be served over HTTPS.
(index):23 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/jquery-ui.css'. This request has been blocked; the content must be served over HTTPS.
(index):24 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure stylesheet 'http://examplesite.com/photos/backlight/modules/module-admin/lib/css/footable.standalone.min.css'. This request has been blocked; the content must be served over HTTPS.
Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure script '<URL>'. This request has been blocked; the content must be served over HTTPS.
examplesite.com/:1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/jquery-2.1.3.min.js'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/pangolin.js'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/navigation.js'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/jquery.fancybox.min.js'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/jquery-ui.min.js'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/admin.js'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://examplesite.com/photos/backlight/admin/' was loaded over HTTPS, but requested an insecure script 'http://examplesite.com/photos/backlight/modules/module-admin/lib/js/footable.min.js'. This request has been blocked; the content must be served over HTTPS.
No amount of disabling .htaccess files clears the problem, nor does adding the following to the Backlight .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
The front end threw similar errors due to a text/html mime type problem but was solved by inserting "AddDefaultCharset utf-8" to the bottom of the root .htaccess file.
I'm stumped. Any ideas how to fix the backend of the site?
Pages: 1