Migrating custom LO domain to HTTPS from HTTP

Options
Anna Welch
Anna Welch
Eighth Anniversary First Comment Facilitator Level 1 Praiser Level 1
in Blackbaud Luminate Online® & Blackbaud TeamRaiser® Discussions
Hi - we're looking to migrate all our pages that live on http://support.wwf.ca to https://support.wwf.ca following this process https://kb.blackbaud.com/articles/Article/117976 "This article provides information on our process to allow clients to request their Luminate Online pages to be served securely."


Has anyone gone through this process? The list of URLs we got from Blackbaud that need to be updated to relative or https URLs includes internal webpage links, not just "images, stylesheets, and javascript files" as mentioned in the instructions. Do we have to update all the internal links to not get a mixed content/not secure warning from browsers? Or just links to content and assets that load in the page? 


Anyone's experience here would be appreciated!


Example page: http://support.wwf.ca/site/PageServer?pagename=home
Tagged:

Comments

  • Daryl Bunker
    Daryl Bunker
    Eighth Anniversary 25 Likes 10 Comments Photogenic
    Hi Anna,


    You don't necessarily have to update links to non-secure sites, as out-going links won't affect your ssl. However, when linking to your own internal pages, it would be a good idea to include the https just to reduce the number of redirects that your site will end up doing. Once that ssl is in place, http://support.wwf.ca will redirect to https://support.wwf.ca. You could go through and setup canonical tags that tell search engines to use the https, but if you're going to go through the work, just update the links.
  • Noah Cooper
    Noah Cooper
    Ancient Membership 1000 Comments 100 Likes Photogenic

    Anna Welch:

    Hi - we're looking to migrate all our pages that live on http://support.wwf.ca to https://support.wwf.ca following this process https://kb.blackbaud.com/articles/Article/117976 "This article provides information on our process to allow clients to request their Luminate Online pages to be served securely."


    Has anyone gone through this process? The list of URLs we got from Blackbaud that need to be updated to relative or https URLs includes internal webpage links, not just "images, stylesheets, and javascript files" as mentioned in the instructions. Do we have to update all the internal links to not get a mixed content/not secure warning from browsers? Or just links to content and assets that load in the page? 


    Anyone's experience here would be appreciated!


    Example page: http://support.wwf.ca/site/PageServer?pagename=home

    Existing hyperlinks that use HTTP URLs will redirect to HTTPS if someone clicks on them. However, this will have one negative consequence -- once your UserLogin page is set to be HTTPS, users who login will only have a session on the secure channel. So, if a user logs in on HTTPS, then visits a page and clicks on an HTTP link which redirects, they'll be logged out and will have to log back in again. For this reason, it'd be best to update URLs to be HTTPS (specifically for those Luminate Online applications which are now secure, which is UserLogin, TeamRaiser, and Ecommerce).

  • Anna Welch
    Anna Welch
    Eighth Anniversary First Comment Facilitator Level 1 Praiser Level 1

    Noah Cooper:

    Anna Welch:

    Hi - we're looking to migrate all our pages that live on http://support.wwf.ca to https://support.wwf.ca following this process https://kb.blackbaud.com/articles/Article/117976 "This article provides information on our process to allow clients to request their Luminate Online pages to be served securely."


    Has anyone gone through this process? The list of URLs we got from Blackbaud that need to be updated to relative or https URLs includes internal webpage links, not just "images, stylesheets, and javascript files" as mentioned in the instructions. Do we have to update all the internal links to not get a mixed content/not secure warning from browsers? Or just links to content and assets that load in the page? 


    Anyone's experience here would be appreciated!


    Example page: http://support.wwf.ca/site/PageServer?pagename=home

    Existing hyperlinks that use HTTP URLs will redirect to HTTPS if someone clicks on them. However, this will have one negative consequence -- once your UserLogin page is set to be HTTPS, users who login will only have a session on the secure channel. So, if a user logs in on HTTPS, then visits a page and clicks on an HTTP link which redirects, they'll be logged out and will have to log back in again. For this reason, it'd be best to update URLs to be HTTPS (specifically for those Luminate Online applications which are now secure, which is UserLogin, TeamRaiser, and Ecommerce).

     

    Thanks Noah and Daryl! Super helpful. I think we'll move forward with just updating content/assets first to avoid the Google Chrome warning in July and then work through switching all internal links from http to https to avoid the issues you've outlined. 

Categories