5 characters appearing in URL - azure

I've been having an issue off and on, hard to reproduce, but happening reasonably regularly.
I have static files on Azure blog storage, and here's the setup - a lot of steps to set up, but it works most of the time - I used this blog as my guide:
index.html lives on the "webfiles" container in blob storage
the CDN points to /webfiles
there's a URL rewrite in the CDN setup from / to /index.html
DNS redirects http://example.com to https://www.example.com
DNS for www points to the CDN URL
When I go to http://example.com, 9 times out of 10, it properly redirects to https://www.example.com/ and loads the index.html page. However, sometimes, and it seems to generally be on a clean browser with no history, it'll send me to something with 5 extra characters, like https://www.example.com/VeVPe/ where I get a 404 and a BlobNotFound exception - I have no idea what VeVPe is, and it seems to be different for different sites. I have 5 sites set up like this, and it happens to all of them.
If I remove that 5-letter (always seems to be letters, never numbers, but that could just be coincidence) and hit ENTER, it loads properly and I get index.html, or if I just try http://example.com a second time, it works properly. Just seems to be one time.
I've also seen it happen to other sites in the public - there's a local school where the website sometimes redirects me to http://www.example.com/LNnZS/ and a 404 page - that one seems to be the same thing, but it's not HTTPS, so that seems to eliminate at least some of the possible causes. I don't know who their DNS or hosting providers are, so I don't know if it's specific to Azure or GoDaddy.
This happens on Chrome and Edge on desktop and Safari on iPhone, so it's not a browser or computer issue.
If it helps, here's what the URL redirect and rewrite look like on Azure:
EDIT I'm seeing something interesting when I can catch it in browser tools:
The initial request to http://example.com goes to GoDaddy's IP and returns a 302 Found to Location /KVZQZ/. Then there's a request to http://example.com/KVZQZ/ which is returned by GoDaddy's IP with a 301 with a Location https://www.example.com/KVZQZ/, and the third request actually makes it to Azure's IP which returns the 404 for BlobNotFound.
So to me, this looks like it's a DNS problem, not a problem with Azure. My DNS settings are:
A # Forwarded to https://www.example.com
CNAME www example.azureedge.net
On the forwarding section of the DNS setup, it just forward to https://www.example.com with a 301 forward type. So from what I can tell, nothing too funky here.

After a lot of Googling - This forum post shows lots of people who have had the same problem where 5-letter codes get added to their site. It's apparently specific to GoDaddy and no one has been able to convince them to address it. Their workaround is to throw a query string on the forwarding address.
I changed the forwarding address from https://www.example.com to https://www.example.com? and it's working ok now.
I made a request in the browser to http://example.com and it redirected me to https://www.example.com/?/MKSTc/ and loaded up the index.html page - obviously this is not ideal because it's ugly, but I suppose I can write some javascript to do a second redirect back to https://www.example.com/

Related

moved domains and 301 redirects are not working...?

We have recently moved our website from the old domain to a new domain. The old domain is now empty except for the .htaccess file which is as follows (eg):
redirect 301 /examplepage.html https://www.newdomain.com/examplepage.html
However, when we test the old link it isn't redirecting.
We've tried tech support from the domain people, but they have given us a couple of bogus sounding excuses (like the old domain has no files other than the .htaccess). The latest reason they suggested was that the old domain no longer has a certificate installed so the https pages aren't redirecting.
To be fair, we do get a different result if searching for a page using http/https:
for HTTP we get "Not Found
The requested URL was not found on this server."
for HTTPS we get "This site can’t be reached www.domainname.co.uk unexpectedly closed the connection.
ERR_CONNECTION_CLOSED"
Any ideas where we're going wrong or how to fix this...?

How to change DNS settings to redirect website.com to www.website.com?

I have a DNS linked to Sites using CNAME from www in my DNS settings below. So when i type www.website.com it redirects me properly but when I type website.com nothing happens. I am thinking about editing # to add something to redirect to the www but I am not sure how to do that. Cold you please help me out?
Depends on the web server your utilizing, but what your looking for is url redirects. You can put in different urls and have the redirect to the primary. So you would place your domain.com in here to redirect to your binded url which is the www.domain.com. should also be able to use it to redirect http to https, though this is usually less of an issue with browsers and servers today.

Force a redirect with Cloudflare on a GitLab hosted website?

I have a site hosted on GitLab pages and using Cloudflare to manage the domain DNS, when I try to access the site using mysite.com it returns the website like it should, but when I enter www.mysite.com it returns an error 404 page from GitLab something like this GitLab error 404 page
I have tried to create page rules on Cloudflare but it's doesn't seem to have resolved the problem (yet), It's been over 10 hours, I have no idea how long this should take or if I am doing the right thing in the first place.

Need Domain Name assistance - Please

I have a small issue. I have tried for the last hour to find a solution for this on this and many other websites. I have found similar but none have provided an answer that works. Heres that problem:
I have a badge on my website that was given to me by Norton online protection. they provided me with a script file and I placed it where it should go. NOW, this script is registered to "www.example.com" but if someone goes to their browsertypes in just "example.com" without the WWW. the Norton badge never shows.
I spoke with Godaddy this morning and they have no solution so that's why I'm asking on here.
Is there a to send a domiain name to the same domain name? so that it always shows the WWW?
Configure your webserver such that www.example.com is one site (your actual site with your content), and you have another site that is example.com (no www subdomain) as a site that you can now configure to redirect to your actual site. How that step is done depends on which webserver you are using, but basically these is a way to do that on any webserver (Apache, IIS, etc).
You could try to read the URL and check if 'www' is present in the URL. If it is not present redirect the visitors to www.example.com
In php you could use the below for redirection
header('Location: http://www.example.com/');

Is there a way to always require or force the 'www' subdomain on a site?

I want to prevent users from going to say example.com and only go to www.example.com, we are using IIS 6. So say they go to example.com it could tack on the www.example.com, etc.
Is this a setting somewhere or will I have to code it to check for the subdomain when they land and redirect accordingly?
EDIT: I know the best way is to move away from the www prefix but for whatever reason if the user launches a course (this is an LMS) without the www in the URL the tracking does not work for the .asmx file, that is why I am trying to force the 'www' because if some people don't have it then they wonder why the tracking does not work.
If you're using ASP.NET create an HttpModule, handle the BeginRequest event and add this code inside your handler:
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;
if (context.Request.Url.Host == "example.com")
{
context.Response.Clear();
context.Response.Status = "301 Moved Permanently";
context.Response.AddHeader("Location", "http://www.example.com" + context.Request.RawUrl);
}
Note that I didn't use Response.Redirect(), this is done for the sake of SEO, as Response.Redirect() always returns status 302 which means the object was moved temporarily while status 301 means the object was moved permanently, this will keep the PageRank of your pages from being divided between the www and the non-www versions (if search engine crawlers can access the page using both the www and the non-www URLs, they will divide your PageRank between the two, hence is the use of 301 which search engine crawlers understand and will keep your PageRank to only the www version of your site).
As both records already point to the correct server...
...you could simply set up a new website in IIS (server version needed) and have it respond only to example.com (the host header setting) and have it redirect to the wanted url (check redirect to url in Home Directory tab and enter www.example.com). The original site should then handle it (you could set it's host header to answer to www.example.com to be more specific).
If you can't do that on the web server, your publishing firewall should be able to, or you might consider replacing it. Your DNS provider might also provide (pun not intended) a redirect service (doing basically the same thing as above for you I guess).
As per other responses, arrange for a 301 redirect from the unadorned domain name to the site with the www. prefix.
Given that I actually work in the DNS industry, I'd like to share my views on the www. debate:
For now, at least, IMHO, the preferred version of URLs should be with the www. prefix. The hostname part of a URL is exactly that, it is a hostname. The only DNS resource records that your browser will search for are A (and possibly AAAA for IPv6) records, and the resulting IP address is that which it'll connect to.
It is not a web site address - only the full URL (with the http:// prefix) specifies that this host is expecting to receive HTTP connections on port 80.
The whole reason for the www. prefix in the first place was to allow for the separation of different protocols to different hosts. As Verisign showed when they (briefly) introduced their "SiteFinder" service several years ago, assuming that every request for an A record is for the use of the HTTP protocol is a massive mistake.
Having the canonical version of your URL be the one with the www. prefix also makes cookie handling easier, and allows for easier splitting of static content to content delivery networks (as recommended by Yahoo!, Google, etc).
Now, there is a DNS record type (SRV, see RFC 2782) which uses a service and transport prefix to allow a single domain name to dispatch different protocols to different hosts (and hence IP addresses).
The ideal DNS set up would be a record that looks like:
_http._tcp.example.com IN SRV 10 0 80 www.example.com.
This says that all requests for HTTP URIs over TCP/IP should be addressed to TCP port 80 on the hostname www.example.com. Note that with this syntax you could also have HTTP services automatically server from ports other than port 80 without the port number being part of the URL.
The SRV record is a required part of SIP, and is commonly used for Jabber (XMPP). However AFAIK no browser uses it. :(
Contact your host (or your domain registrar) and have them set it up to work with or without www. It should however work both ways or only one way if you so wanted. I'm assuming you have a host and are not running your own web server/domain name registration, lol.
This is how it works, regardless of whether or not you should.
This is handled by DNS. Usually, example.com and www.example.com will point to the same server, but they don't have to. If www.example.com isn't explicitly registered, then the request gets sent to the example.com server, and that server gets to decide what www.example.com means, as well as mail.example.com, ftp.example.com, home.example.com, users.example.com, and so on.
Edit: I realize this story is sort of incomplete, as these days Apache gets handed the URL that you used to get in with, and it may interpret a subdomain from that, and direct the request to a virtual site. But this shouldn't be a factor at the "www" level.
The typical way this is done by web sites is to do an HTTP redirect from example.com to www.example.com. You do this by returning either HTTP Status code 301 (permanent redirect) or 302 (temporary redirect) when user goes to example.com, and setting the HTTP location: field in the response to http://www.example.com. Google for "301 versus 302" to see when you should use either.
Note that this is an HTTP feature, not something provided by DNS... some domain name providers however do provide HTTP redirect facility for you if you use their name servers.
Note you can test this out for yourself. Go to http://web-sniffer.net and type yahoo.com (or microsoft.com or any major web site). You'll see that they respond to a redirect with the www version of the name (in less common cases some web sites go the other way, redirect www to the non-www version of the name).
When I had the misfortune to work on Microsoft's web stack, I used ISAPI_Rewrite to force www. prefixing (among other things).
At my web site I just put the following into the .htaccess file:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^tafkas\.net$ [NC]
RewriteRule ^(.*)$ http://www.tafkas.net/$1 [L,R=301]
For Apache based server you can use this code
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule (.*) http://www.yourdomain.com/$1 [R=301,L]
Explanation: The first line just turns the rewrite engine on. The second line of code is to check the url entered by the user. The bash sign (!) means not equal to. The carrot sign (^) means the beginning of the statement to be checked. Backslash dot (.) refers to the special character of dot, which when used without backslash means 'anything'. The dollar sign at the end of the statement refers to the end of the url. The third statement states that if the input given by the users is not the one as given in statement two, then proceed as follows. (.*) means that anything and any number of times. This is used so as the save anything written by the user after yourdomain.com/ gets stored in the variable $1. R=301 refers to the permanent redirection, and L states that this is the last in the series of status codes.
As stated adding the WWW is the opposite direction to be going. WWW is a redundancy these days.
You can check out http://no-www.org/ for further information.
This is actually backwards. It was how they did it in 1998, but now you're supposed to if anything drop the www.
Also, example.com is specifically reserved for posting example urls. Someone probably actually owns and uses the one you provided. How do you know you're not pointing someone to a porn or malware site with that random example?

Resources