Hey there
There are no changes between the .htaccess
file in version 8.9 and the .htaccess
file in 9.0, so feel free to keep using the same file.
Just a heads up, there will be a few lines that are new/changed in version 9.1. This will be for adding WebP support, and a more friendly URL for Organizer. However it should be a simple job to go through the two files and apply the changes, so I wouldn't worry about this in advance.
Another question : after upgrading site to latest Zenario Version if I decide I want to restore a my site from an older back-up from a few months back -- can I restore backups from older version of Zenario without having to reinstall or recreate a blank DB?
Yes of course. If you use an older DB with newer software, you should just get a message when you log in as an administrator, saying that you have newer software and that your database needs to be upgraded. This is quite standard procedure.
If it's a big upgrade (0.1 or more) the site will be offline for a while until you log in and apply the updates. Make sure you're not working on your only copy of the data in case things go wrong but we do this process a lot in house and it's generally fairly reliable.
Remember to look at our change log page as sometimes there are things that you as a sysadmin need to do (such as moving skins directory when you get to Zenario 9.0).
If you have a lot of images, you may find an upgrade can take some time to run, as there are changes in how Zenario handles images. If you get a time-out, retry a few times (we have some big sites which take 10 or 20 minutes to process the images when upgrading).
Hey, just to add one small point to this. There is actually a limit to how far back you can go when restoring a backup.
The current version of Zenario requires that your backup be taken from a copy of Zenario that's was least version 8.2 or later.
In practice this means that if you have a backup that's no older than about 3 or 4 years, it should be fine.
Thank you both for this very awesome software and your willingness to make it open source !!!
Hi Mike,
Thanks for your feedback, glad you like the product!
Just to reply properly on your question about .htaccess files, you are right to observe that there could be better rules in .htaccess to direct users' browsers to https.
I guess we've not put those things into .htaccess by default because it could hamper people setting up a site that's temporarily on http and don't yet have their certificate/https set up correctly. The other issue, depending on how many domains point to your site, is that the use of %{HTTP_HOST}
is a wildcard, and so http requests on any domain that point to your site will be redirected to the https, whereas you probably would all of them pointing to whatever you consider your "primary" domain.
Here is what we have on many of our hosted sites, in an Apache virtual host file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName zenar.io
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
## Error log, certificate info, DocumentRoot and Directory here
</VirtualHost>
<VirtualHost *:443>
ServerName www.zenar.io
## Error log, certificate info here
RewriteEngine On
RewriteRule ^ https://zenar.io%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
</IfModule>
<VirtualHost *:80>
ServerName zenar.io
ServerAlias www.zenar.io
ServerAlias tribiq.com
ServerAlias www.tribiq.com
RewriteEngine On
RewriteRule ^ https://zenar.io%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
But essentially, it achieves a similar thing, and if you only use one domain on your site then your .htaccess modifications look perfectly sensible.
Note to check out video tutorials such as this one (unless you're already doing this!) to make sure you get the most out of aliases.
best regards
Tony
Just thought I would throw this out in case this is not correct... - I use hosting that apparent does not play by some rules when it comes to path configurations and found it necessary to add RewriteBase / to the .htaccess file as follows:
...
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
...
In order to properly handle http & https I added the following:
...
# I added this to redirect http to https
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Header always set Content-Security-Policy "upgrade-insecure-requests;"
...
However, after install of of V9.0.x is it OK to use backup of older version?? (8.9.x)
THX
Mike