Question2Answer is an open-source PHP forum script that can be download for free from question2answer.org. In this article we will guide you on, How you can enable or set HTTPS i.e. SSL only for signed users and sensitive pages like register, login and forget password.
In order to force the users to use HTTPS protocol instead of HTTP protocol in the cases like the user has logined, registering i.e signing up to your forum and resetting password you need to follow following steps:
- Locate the qa-theme folder in the default directory where you have installed the q2a forum
- Open your default theme’s folder
- Create a new PHP file and name it to ssl_secure.php
- Edit it once you have created ssl_secure.php file
- Now, add following PHP code into the file, ssl_secure.php and save it
<?php
if(!(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off'))
{
$cur_uri=substr($_SERVER["REQUEST_URI"],0,20);
if( strpos($cur_uri, 'login') || strpos($cur_uri, 'register') || strpos($cur_uri, 'forgot')){
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
}
$userid=qa_get_logged_in_userid();
if(!empty($userid)) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
}
}
- Now located the qa-theme.php file and add following code at the top of the page just below the line
<?php
include "ssl_secure.php";
That’s all you need to do.