Login Form Is Not Submitted Via HTTPS

When I access my site (https://rideright.com/) it is HTTPS and when I click to login (https://rideright.com/web/login) it is still HTTPS, however if logout and it goes to the login in page it is no longer secure (http://rideright.com:8069/web/login).

Odoo, the website software (which is part of a full ERP system) uses the port 8069.

I need to know how to keep the entire site secure as I am not in compliance with PCI requirements.

My domain is: rideright.com

I ran this command:

It produced this output:

My web server is (include version): Caddy,Werkzeug/0.11.11 Python/2.7.12

The operating system my web server runs on is (include version):Ubuntu 16.04

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

Hi @RideRight

then you have to check your configuration. Your port 8069 must be a https port.

Use the vHost of port 443 as template.

But there is one problem: Normally, one port uses one protocol. So you can't use http and https with the same port.

Perhaps it may be easier to create a second https port and add a redirect http + port 8069 -> https + new port.

1 Like

Another option is to configure your existing server to proxy connections to the ERP software in some way.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.