I'm trying to use the recently announced (in preview) managed certificates for Azure app service. One of the limitations is that you can't get one for naked domains. eg.: you can get one for www.domain.com, but not domain.com.
In my (current) web.config, I'm redirecting from 'naked' to 'www' anyway using rewrite rules, so beeing limited to 'www' is not a real problem. However, as the redirect takes place at the web.config level, that is, after the request has hit the webserver, this is too late: when 'domain.com' gets hit and tries to redirect, the browser has already seen the insecure connection to the naked domain (depending on browser) will display a warning page.
So how is one supposed to do deal with the "naked" domains? No more redirects at all? Or are there other methods to do this besides web.config configurations? I did look, but did not find anything.
Adding to Jack's suggestions.
Currently, the preview offering only supports CNAME based validation. Thanks for the feedback and it is on our list of future improvements to consider however we do not have any ETA on this yet. So, request you to up-vote this feedback post on Uservoice-
https://feedback.azure.com/forums/169385-web-apps/suggestions/38981932-add-naked-domain-support-to-app-service-managed-ce
Alternatively, you may try to forward apex domains to subdomain such as www.
So based on your requirement, to redirect -
https://yourdomain.com -> https://www.yourdomain.com
If you are using App Service Domain, you can forward your domain by going to 'Advanced Management portal' of the domain resource.
So, after a long time, Azure finally supports this. One can simply use a managed cert for naked domains.
See here: https://azure.github.io/AppService/2021/03/02/asmc-apex-domain.html
In this scenario, I think a redirect is necessary.
We can get some clues from other international websites. For example: when I try to access http://google.com, actually I will get a 301 redirect which redirects me to http://www.google.com, and then I will get a 302 redirect which redirects me to https://www.google.com/?gws_rd=ssl
So, as managed certificate does not support naked domain. I suggest you directly add your www subdomain to your web app. And then create managed certificate to that www subdomain.
And, finally, you can add 301 and 302 redirect rules in your DNS provider, which will ensure all requests to naked domain will be redirected to www subdomain. This could be done in your DNS provider before your web app.
So after some time trying things, here's how i ended up dealing with this:
- Using managed domain certificates for all hostname.Domain.tld names
- Using the letsencrypt script (from extensions) to get a cert for the naked domain
Once azure will provide certs for the naked domain, i will retire the script.
This might be a stupid question, and for that I'm sorry, I'm not well-versed in DNS configurations (so perhaps I shouldn't be meddling in this, lol), but anyhow..
I have a web app running in Azure that is currently undergoing a bit of a name change. Therefore, I want to redirect users trying to access my domain to another domain, let's say https://example.com to https://subdomain.anotherexample.com. I own both domains and have certificates for both of them, but I cannot for the life of me understand how (or if its even possible) to redirect users in this way?
I have both URLs configured as A records for the underlying IPv4 adress, and have tried to configure a re-direct in my cPanel to redirect the domain example.com to https://subdomain.anotherexample.com, but if I try to access https://example.com it just complains that the certificate is from another provider (not my Azure certificate, but instead my web hosting certificate used for other sites). Both URLs are set up as custom domains for the same app service in Azure with SNI SSL certificate bindings where example.com is bound to a standard certificate for that specific domain, while subdomain.anotherexample.com is bound to a wildcard certificate for *.anotherexample.com.
I assume there must be something that's not allowed in trying to redirect between two different domains where https is involved because trying to access http://example.com works (i.e. it re-directs to https://subdomain.anotherexample.com). Do I have to write some kind of script server-side that re-directs users manually?
I have a simple website host that gives me a domain like website.com which show the website hosted on that server.
I have a CNAME on website.com that redirects to server.cloudapp.net (Azure Virtual machine running Linux)
server.website.com redirects to server.cloudapp.net.
I need to access the user camera on Chrome, and for that, the website need's SSL.
I can purchase a SSL certificate for website.com, but would it work on my cname?
The certificates subject must include all names you see in the URL in the browser. Thus is you have a CNAME aliasing foo.example.com to bar.example.com than foo.example.com will be the one visible in the URL and you must have the certificate for it.
Note that CNAME is just an alias and not a redirection. With a redirection (i.e. HTTP status codes 30x) the URL would change, while with a CNAME it does not.
I have 2 websites in my hosting account at bluehost. The main domain (maindomain.com) has an SSL and there is one registration page where I need to use https//www.maindomain.com.
I also have an add-on domain (addondomain.com) and am hosting the website for that in the same account. There is no necessity for a secure connection.
However, I want to make sure that if https://addonsite.com is used, it redirects to http://addonsite.com. The reason is that now if you go to https://addonsite.com, it shows that in the URL address window, but the maindomain.com website loads.
I have tried adding redirects to both .htaccess files (for maindomain.com and addondomain.com), but cannot seem to get it to work. Is it possible to do this with a main domain and add on domain if there is an SSL on the main domain?
My web site (mywebsite.name) is on a shared hosting and I have an addon domain (addondomain.eu) there. Since it is an addon domain on a shared hosting anyone can access my addon domain from addondomain.mywebsite.name
How can I restrict acessing to addondomain.mywebsite.name with htaccess?
I'm sure you could use an urlrewrite to block access to the site from a specific url. but a better question is why would you want to? all you're doing is blocking legitimate visitors. a better option would be to redirect people back to your main domain.