301 permanent, 302 temporary |
301 permanent, 302 temporary |
Advanced options |
Advanced options |
Force HTTPS for administration |
Force HTTPS for administration |
Force HTTPS for identification |
Force HTTPS for identification |
Force usage of HTTPS on this site |
Force usage of HTTPS on this site |
Global HTTPS |
Global HTTPS |
Global activation |
Global activation |
HTTPS activated for administration pages only |
HTTPS activated for administration pages only |
HTTPS activated for identification, register and profile pages only |
HTTPS activated for identification, register and profile pages only |
HTTPS available |
HTTPS available |
HTTPS unavailable |
HTTPS unavailable |
I have proceeded to the manual check |
I have proceeded to the manual check |
Manual Verification |
Manual Verification |
Parial activation |
Partial activation |
Plugin could not automatically verify your host SSL/HTTPS compatibility. Please manually check that HTTPS navigation is available using the following button. Do NOT activate HTTPS if page within the popup can not be loaded successfully. |
Plugin could not automatically verify your host SSL/HTTPS compatibility. Please manually check that HTTPS navigation is available using the following button. Do NOT activate HTTPS if page within the popup can not be loaded successfully. |
Your hosting server does not support HTTPS, a SSL certificate is required. Plugin activation is disabled. |
Your hosting server does not support HTTPS, a SSL certificate is required. Plugin activation is disabled. |
Your hosting server does support HTTPS. |
Your hosting server does support HTTPS. |
fhp_about |
About |
fhp_activate_sts_comment |
Active HTTP Strict Transport Security (HSTS)<br/>This option must be activated if you own a signed TLS certficate. It has no effect if "Force HTTPS" is turned off<br/><br/> <i>HSTS is a web security mechanism whereby the web server declares the web browser to interact with it only using secure HTTPS connections. When HSTS is active, a header field "Strict-Transport-Security" is placed in http header, and any site link is automatically replaced with a secured link.<br/></i> |
fhp_activate_sts_comment_short |
Activates HTTP Strict Transport Security (HSTS). To use only if you own a signed TLS certficate |
fhp_activate_sts_label |
Use STS |
fhp_description |
This plugin fills a security gap in Piwigo. It allows administrators to force the usage of SSL secured connections for browsing Piwigo (when https is available on the hosting server). <br>It is highly recommend to use secured connections to protect user and password transmissions. |
fhp_force_https_comment |
Activate this option to force clients to connect to Piwigo through a secured connection. |
fhp_force_https_label |
Force HTTPS |
fhp_force_https_warning |
<b>Warning!</b> Before activating secured connection, please verify your server supports https. You can click on the following link to test (loads this page in https mode). |
fhp_options_group |
Options |
fhp_security_group |
Security settings |
fhp_sts_maxage_comment |
STS max-age in seconds |
fhp_sts_maxage_label |
STS max-age |
fhp_submit |
Submit |
fhp_test_https_link |
Test this page in https (popup window) |
max-age must be set to a minimum of six months (15768000), but longer periods such as two years (63072000) are recommended |
Max-age should equal a minimum of six months duration (15768000), but a longer period like two years (63072000) is recommended |
seconds |
sekunder |