Forums | Mahara Community

Support /
How to setup SSL/HTTPS for Mahara

24 June 2009, 11:38 AM

Hi all,

I have not found any answer in this forum regarding the issue of how to setup SSL for Mahara (all pages). 

I have installed an certificate via Plesk with the option of only one directory for SSL and non-SSL content.

Do I have to add anything to the config.php file or to the .htaccess file? 

By typing ...


.. I get an "open_basedir restriction in effect" error message that tells me that the "maharadata" directory is not in the allowed path, although it is correctly included in the "vhost.conf" :(

Any idea?
Many thanks in advance!

BR, Peer 

Nigel's profile picture
Posts: 1643

24 June 2009, 11:12 PM

Hi. That's a PHP error, with nothing to do with SSL.

Mahara will run fine with SSL, there's no configuration required. You just need to set up the domain and cert properly, and make sure the wwwroot is https://, which will happen automatically if you install Mahara after setting up the https, and you can change easily enough in the DB if not.

25 June 2009, 2:39 AM

Hi Nigel,

ok, I will investigate the php issue.

However, how do I have to change the wwwroot within the DB? Mahara has been installed before SSL. 

Do I have to edit the config.php additionally? 

Many thanks in advance!

BR, Peer 

Nigel's profile picture
Posts: 1643

25 June 2009, 9:28 PM

Sadly no. You have to run a query against the database. If you have access to something like PHPMyAdmin then you can use that. Otherwise, the raw SQL needed is:

UPDATE config SET value = '[new-wwwroot-here]' WHERE field = 'wwwroot';

26 June 2009, 6:51 AM

Got it :)

Added in config.php:
$cfg->wwwroot = 'https://www.mydomain.tld/';

Solved the php error issue by coying file

vhost.conf  ->  vhost_ssl.conf     (in folder /vhosts/mydomain.tld/conf on Ubuntu)

Reloaded the vhost settings via 

/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=mydomain.tld

and restarted the apache server. 

Finally I added the following lines to the .htaccess file:

 RewriteEngine On

# force www.
RewriteCond %{HTTP_HOST} !^www.mydomain.tld$
RewriteRule ^(.*)$ http://www.mydomain.tld/$1 [R=301,L]
# force HTTPS encryption
RewriteCond %{SERVER_PORT}     !^443$
# for all 
RewriteRule (.*)  https://%{SERVER_NAME}%{REQUEST_URI}

Ready :)

BR, Peer 

5 results