[Help] Make MTA web server resources work on HTTPS

[koragg]

Hey everyone,

 

Been a while but I'm planning to come back to the MTA scripting scene after a few years of being busy with finishing my studies and with work. The release of 1.6 couldn't have been more perfect in its timing

I have setup a few web resources which I can access the following way: http://192.168.56.1:22005/webtoptimes/

Problem is that if I have my website / forum hosted on a HTTPS provider including that HTTP link from above in an iframe causes an error of the sort "Cannot use http on https domain" or something similar (haven't set up the site yet so can't paste the exact error but this was what I remember from years ago when I tried the same).

So I guess my question is more related towards the web part of things but is there a way to allow HTTP links in iframes to work fine on an HTTPS host ? Or if there is a way to make those web resource links use HTTPS instead of HTTP.

Edited June 18, 2023 by koragg

[Addlibs]

You can set up a reverse proxy on your server machine if you have access to one. The idea is that you want to add a new HTTPS-enabled port that connects to nginx/Apache web server ("web server"), which in turn connects to the MTA server's HTTP server ("MTA server web portal") using non-secure HTTP (this is mostly fine if both programs run on the same machine, no external networks are used in between and the firewall is properly configured). Once that is set up, you can outright block the MTA server web portal access from all external IP addresses as well for added security. Now, you can point your iframes to this web server and it will display what the MTA server web portal displays.

There are plenty of good reverse-proxy guides you can find for nginx/Apache. And while you're at it, you can also use this new nginx/Apache server as an external download server (see httpdownloadurl in mtaserver.conf) and enable gzip or zopfli (this one is slower but provides much more significant reduction in file size) compression (MTA clients support receiving compressed resources but the built-in MTA server does not compress resources before sending) to make the download size smaller for the players on your server.

Edited June 18, 2023 by Addlibs

[koragg]

Oh wow, this seems not so simple. Will have to first restore my website and see what host I'll have and if I'll be able to do those things. Thanks for the detailed explanation

[koragg]

Hello again, it's been almost a year but the same problem arose for another website.

Can you give a link to a very detailed tutorial as to what and how to do in order to get this working @Addlibs (or anyone else of course) ?

This is very annoying that I cannot just include a normal HTTP iframe into my HTTPS website. Yes, I know it's less secure but the option should be there nontheless.