https_redirect

Connections that aren't over SSL don't provide password encryption in a meaningful way. As a result, unless you have an SSL certificate installed, your users will not be able to change passwords with the FCWS Web interface unless they are connected to an https secure site.

The begs the question then. Once you have an SSL certificate installed, how can you ensure that your users are always directed to the secure site if they fail to add the "s" to http?

Currently, there is no CherryPy Python redirection parameter available and there has been some suggestions made that you can also install another web server on port 80 (like Apache or IIS) and then redirect any traffic to the default site page there to port 443 and your secure SSL FCWS site running on CherryPy. This would mean installing a second web server and subsequently modifying the startup file to disable port 80.

Fortunately, there is a simpler solution thanks to Anders Uppsäll, from our Swedish partners ett.se.

As soon as you add any certificates to your FCWS folder, the startup file is configured to automatically stop listening on port 80, so the redirect described below will never happen since FCWS is not listening on this port.

If you want the redirect to work you need to add a -e parameter to your startup batch file for fcws so that it will listen on both port 80 and 443, but will redirect to port 443 all the time.

C:\python27\python.exe "C:\Program Files\FirstClass Web Services\fcws\cherry.pyc" -e

1. Make a copy of the login.html file found in the /fcws/localized/lang/html folder (in my case the lang is en

2. Place your copy in the /fcws/localized/lang/user/html folder and open it in a text editor.

3. Between the last </script> tag and <</html> at the end of the document, enter the following"

5. Open the /fcws/localized/lang/modules folder and DELETE login.html.py and login.html.pyc

Now, anyone attempting to connect to http://yoursiteaddress will be reidrected to https://yoursiteaddress