In addition to new features aimed at streamlining the development workflow and simplifying content management in Mura CMS, version 6.2 adds a few key security enhancements including simplified configuration of Secure Socket Layer (SSL) coverage.
While SSL coverage has long been available with a per-page setting for enforcement of the https:// url prefix, the new option in the Mura CMS Site Settings Manager provides a one-click solution for sites where complete SSL coverage is desired. Simply select "yes" as the value of the "Use SSL (Sitewide)" option in the site settings, and every page within the Mura site will be delivered with https:// coverage.
Before enabling this option, a valid SSL certificate must be installed by the server administrator. If the server is not configured to deliver pages in this site's domain under SSL coverage, enabling this setting will cause all pages to be unavailable to the browser.
Off-site assets such as third party scripts, links to remote images or files, or iframes using http:// prefix may cause the viewer's browser to display an error message about "insecure content" on the page. This is not something that can be controlled within Mura , but rather must be corrected by adding the https:// prefix to the code which invokes those assets, or using the universal "//" protocol-less prefix, which allows for either http or https delivery.
To set only specific pages of your Mura site to use SSL coverage while serving other parts of the site under standard the http:// prefix, turn the "Use SSL (Sitewide)" setting off by selecting the "No" value in the Site Settings, and use the option on each page, under the "Advanced" tab of the Content Editor, to enable https:// coverage for that page. Note, this setting is hidden when Sitewide SSL coverage is enabled.
Also see Mura CMS v6 Documentation: Site Settings
Further documentation for Mura CMS developers and content managers is available at docs.getmura.com.
Learn more about Mura's powerful features and flexible options at www.getmura.com.