Solved

Internet explorer refuses secure links HTTPS

Posted on 2014-03-11
11
797 Views
Last Modified: 2014-03-12
Hi dear Experts,

We have a website to uses SSL for some links, but as soon as you click them in any version of internet explorer, IE throws an error 'Page not found'

Obviously, this is pure pain. Can anyone know how to solve this problem server side ?

WE are scripted in Coldfusion 9

MAny thanks !
Adam
0
Comment
Question by:adam1h
  • 5
  • 2
  • 2
  • +1
11 Comments
 
LVL 5

Expert Comment

by:Martin Tarlink
Comment Utility
Could you provide more information?

Do you host that site?
If yes, on what web server  Apache, IIS, Cherokee....?

SSL setup is done on web server side and in most cases it is related to the server configuration .
You can open server log and if you host it on linux #tail -f your_log_file
and next open IE and open your page, you will see what is going on.
0
 

Author Comment

by:adam1h
Comment Utility
Hi Tarlink,

Thanks for your reply. We are on a shared server, I reckon IIS, SSL certificate is installed under a Plesk console, and I don't know much more than that.
`
Sorry this wasn't much help

Adam
0
 
LVL 11

Expert Comment

by:Manjunath Sullad
Comment Utility
Are you able to open this website in other browsers ?

If No - You need check the application link is working or not.


If you are able to acess in other browsers,

1. Check the IE add-ons and disable add-ons.

2 .If you are accessing via proxy, By pass proxy settings,

3. Check the compatible view settings in IE.

4. Add website to Trusted site list.

5. Disable / Enable popup blocker

6. Check the Java version.

7. Check the supporing plugins.

8. Try to reset Internet explorer settings and check.

_ Manjunath Sullad
0
 

Author Comment

by:adam1h
Comment Utility
Hi Manjunath,
Thanks for your reply. Yes we can see it from any browser, and same in IE, we can see it.

But when we hit a page under HTTPS, then IE doesn't want to display it. We are looking for a solution that forces IE to act and read HTTPS without any human intervention.

A coldfusion script that could apply to IE 6, 7 , 8 and avoid this hassle

Thanks !
Adam
0
 
LVL 11

Expert Comment

by:Manjunath Sullad
Comment Utility
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 5

Expert Comment

by:Martin Tarlink
Comment Utility
There is always problem with IE and developing :)
It could be also some error in the code.
The best way will be to look in to logs
I am not familiar with Plesk but I found this page so maybe yo will be able to dig in to and see what logs will tell you http://serverfault.com/questions/472008/plesk-9-5-access-logs-on-winows-server

Install http://getfirebug.com/firebuglite for IE and try also look for any errors
0
 

Author Comment

by:adam1h
Comment Utility
Hey Tarlink,

yes indeed, IE is a pure pile of headache :)

Our website does work in all browsers, but it is only not working when we use HTTPS , here is a link, it says 'Page cannot be displayed'

https://www.joe-cool.co.uk/index.cfm

The code is fine. If a workaround this can be done via application.cfc then I'll take it.

THANKS !
Adam
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
Comment Utility
Just loaded the site and it seems to work fine on IE 11

I also noticed that you're forcing SSL on the clients (attempted to load the page with http and was redirected to https).

Make sure you're not creating an infinite loop with your redirect rules, more often than not, these will manifest themselves as "page not found" messages, though, sometimes the browser will actually tell you "Too many redirects".

if you're using a version of cgi.https to force your SSL, build in some infinite loop breaks, like a counter in the session scope or in a cookie. The error you're seeing could be the client refusing multiple redirect instructions to the same page.
0
 

Author Comment

by:adam1h
Comment Utility
Hi Rodrigo,

That's an interresting one. We do force HTTPS using our application.cfc

Here is a copy of what we use :

<!--- httpsCheck --->
	<cffunction  name="httpsCheck" access="public" returntype="void"	 output="yes" description="check if it's https protocol and redirect if required">
		
		<!--- force user to use https secure server path --->
		<cfif cgi.server_port NEQ "xxx">
			<cfset urlNow = "https://" & "#CGI.SERVER_NAME#" & "#CGI.Script_Name#" &  "?" & "#CGI.Query_String#">
			<cfoutput><meta http-equiv="Refresh" content="0; url=#urlNow#" /></cfoutput>
		</cfif>
    </cffunction>

Open in new window


Do you think we should operate another way ? We thought that forcing HTTPS was more secure...

Adam
0
 
LVL 4

Accepted Solution

by:
Rodrigo Munera earned 500 total points
Comment Utility
You can use
<cfif cgi.https NEQ "on">

Open in new window

Instead of
<cfif cgi.server_port NEQ "xxx">

Open in new window

But they both probably work using the same principle in the back-end.

I would do something like
		<cfif cgi.https EQ "on"><!--- switched the logic to avoid confusing double-negatives ---->
			<cfset session.httpCheckCount = 0><!--- here we reset the count because SSL is on --->
		<cfelse>
			<cfset urlNow = "https://" & "#CGI.SERVER_NAME#" & "#CGI.Script_Name#" &  "?" & "#CGI.Query_String#">
			<cfif session.httpCheckCount LTE 1><!--- here we ensure we're not making too many redirects --->
				<cfset session.httpCheckCount = session.httpCheckCount+1><!--- here we increase the counter for the redirects --->
				<cfoutput><meta http-equiv="Refresh" content="0; url=#urlNow#" /></cfoutput>
			</cfif>
		</cfif>

Open in new window


Also, if you're using the session variable, make sure you initialize it in the "onSessionStart" method of your application.cfc

<cfset session.httpCheckCount = 0>

Open in new window

0
 

Author Comment

by:adam1h
Comment Utility
Rodrigo,

Thanks for your help. This is good and will try it now.

the XXX was used to replace a port number I didn't wanted to list in here :-)

SPeak soon, and MANY THANKS !
Adam
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Sometimes databases have MILLIONS of records and we need a way to quickly query that table to return the results me need. Sure you could use CFQUERY but it takes too long when there are millions of records. That is why SOLR was invented. Please …
Several part series to implement Internet Explorer 11 Enterprise Mode
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now