I have my domain pointed in Cloudflare with SSL. My website runs with HTTPS protocol. The reason i mention them running is this.
I have my blog at blogspot and want to give it custom domain name which google allows. Unfortunately google wont allow HTTPS there. I had created my blog like this in DNS as blog.domain.com which runs as https://blog.domain.com and if i host this subdomain via Github, it opens correctly. The problem is when i use this subdomain in blogger, then there arises conflict and my site goes offline. Where am i mistaking in setting up all this?
Don't enable full or restricted SSL option in cloudflare. Use flexible SSL instead. This will setup things correctly.
Related
Hi everyone need your support with the following problem. Please do apologies if I confuse you in anyways with my explanation.
I have a add-on domain (example.com) pointed to a Godaddy Linux server, domain is also in the Godaddy same account.
The web application for "example.com" is a Laravel 5.6 based one, and the web app has 'Get' type search form which needs to be forwarded to another Windows IIS server's port with all the query strings where another web app is hosted. the action of the from will be similar to below.
Request => http://sub1.example.com/route/method?var=val1&var2=val2&var3=val3
From this point on-wards the application has to continue work from the IIS server with the subdomain, which mean I am not expecting any replies from this IIS server to the Linux server.
Its been advised to use the subdomain to mask the forwarding to the IIS server, so I did like above with sub1 sub-domain. This subdomain has to be forwarded to a server's port as I mentioned above, something similar to below.
http://sub1.example.com => http://xxx.xxx.xxx.xx:9596
I did tried with the Godaddy's default subdomain forwarding with masking, but the query strings are not being forwarded and shows "Destination Unknown" error.
In a online forum its been advised not to go with Godaddy's forwarding instead go with .htaccess to have more control.
Therefore any possible solutions or your support with the redirection with .htaccess from web application to the external web server's specific port along with the query strings would be a life saver.
Thank you in advance.
As per the GoDaddy support, the domain forwarding to a IP's port is not possible with the Shared hosting.
The support suggested to go-ahead with the VPS and configure.
Please do comment, if this is wrong statement!
So I had github pages set up with a custom domain without problem on namecheap a day ago. Then I tried switching to Https via github's newly added support for https on pages. After too much frustration I switched over to CloudFlare for Https but I'm now getting an error ERR_TOO_MANY_REDIRECTS
Here's my DNS settings on CloudFlare.
Check your SSL setting in the Crypto tab. You should have it set to "Full". If it is set to "Flexible", then Cloudflare will use HTTP to connect to the origin, even when the client browser connects to Cloudflare over HTTPS. GitHub is probably responding with a redirect to HTTPS in this case -- not realizing that the original client is already using HTTPS, and so this redirect creates a loop.
More info here:
https://support.cloudflare.com/hc/en-us/articles/115000219871
The two typical causes of redirect loop errors are:
Cloudflare SSL options that are incompatible with your origin web
server’s configuration, and
Page Rule misconfiguration.
you can update in Custom domain github pages
https://github.com/yourusername/yourusername.github.io/settings/pages
Custom domains allow you to serve your site from a domain other than xxx.com with www, i was clear this issue with this way.
I'm trying to find a current, up to date answer for setting up naked domain with Godaddy and Heroku SSL. My goal is for all pages to land on a secure page at https://www.example.com
https://www.example.com does go to a secure page.
example.com goes to an insecure page.
https://example.com does not work.
My current set up is as follows:
In heroku settings:
Domain Name | DNS Target
example.com | example.com.herokudns.com
www.example.com | www.my-domain.herokudns.com
Go Daddy Settings:
CNAME | www | www.example.com.herokudns.com
Forwarding settings:
Forward to: https:// | www.example.com
Yeah, it's a pretty stupid issue that some of the big DNS manager providers out there still have. The way to solve it is to have a server with an SSL certificate installed, and then point your naked domain to that static IP. The server then will redirect to the "www" version of your domain, which is now served under SSL by Heroku. Tedious.
If you don't want to do all that, just use https://www.nakedssl.com, which does exactly that – but automated (and for free for one domain).
Disclaimer: I'm part of the team that created NakedSSL, but I hope you take this as help and not as self-promotion. As explained above, the problem is as easy as tedious to solve, and I think NakedSSL is a pretty straight forward workaround.
Root domains on Heroku require the use of ALIAS ANAME or FLATTENING records.
Unfortunately, a number of popular DNS hosts such as GoDaddy, Bluehost, Google Domains, OVH, Hostinger and others do not support these types of records. Many of these Providers will tell you there is no such thing as ALIAS, ANAME or FLATTENING Records and many of these providers will tell you to set an A Record instead, however;
A Records do not work with Heroku for routing
A Records require static IP Addresses and static IP Addresses do not work with Heroku for routing, because Heroku (and many other cloud platforms) use dynamic IP's.
Instead, you can either:
Not use a naked domain and just use your www sub domain
Redirect/ Forward your HTTP root domain to your www sub domain. This won't work for your HTTPS root domain though
Use an Alternate DNS Provider. Heroku recommends the following: https://help.heroku.com/NH44MODG/my-root-domain-isn-t-working-what-s-wrong
Solved it.
Best way to get SSL set up is to use this package which automatically makes every page on your app SSL. Fantastic package. https://www.npmjs.com/package/force-ssl-heroku
Getting the naked domain set up with Godaddy easily: Set forwarding to your domain: https://www.my-domain.com. This will redirect non www to the correct place. :)
I believe naked subdomain or wildcards are not supported by heroku automated certs because of the let's encryption restrictions. So you need to set up a subdomain everytime you want to use Heroku's automatic certs.
ALSO VERY IMPORTANT! Don't forget to remove or edit any unsercured links to external assets. Otherwise browsers will jugde the page with those links unsecured as described in the Modzilla support page about mixed content.
I've got a fairly simple app deployed on OpenShift that uses CloudFlare as a DNS provider, since they support CNAME records for the root domain, which our current domain provider does not.
The issue with this setup is somewhere along the line https is not working. I believe this is an OpenShift issue because it's the same kind of issue you get when you've mapped the domain name to your app but haven't added the proper aliases yet - you get a timeout essentially.
We've got two aliases - with www and without. There's no option to specify https or anything with OpenShift aliases from what I can see. There aren't any SSL certificates assigned to these aliases as we do not need or use https - we're on the Free plan.
The main URL to access the site is http://www.jcuri.com - notice this works as expected, however https://www.jcuri.com times out.
Initially we were thinking of using CloudFlare page rules to auto-redirect to a non-https URL however this is locked down behind a paywall which we're hoping to avoid, as we don't need any of the Pro features.
Is there something I'm missing here? It seems that OpenShift is just denying any https connections purely because we don't have certificates assigned to the aliases. I wouldn't even mind if there were certificate errors, at least that would give us a chance to do a redirect on the actual NodeJS application, but we don't even reach that point.
Can anyone offer some advice on this?
Since those domains are not pointed directly at openshift via CNAME, but are seemingly redirected via another service (from what i can tell from the dns) it is hard to say whether it is OpenShift that is causing the https issues. If you do not have a custom ssl certificate installed on openshift, you will just get an invalid certificate error, but since you are using a redirect service, maybe it is possible that the service is checking the certificate first, seeing an error, and then not working?
Since the https page rules you stated above are behind a paywall, this actually makes a lot of sense that they are blocking it, not OpenShift. Godaddy provided a forwarding service that would allow you to point both www and naked domain to openshift correctly using cnames, i have used it before.
I am hosting my public facing site at a shared host (Hostgator) with the domain pointing to the same. I also have my application hosted on a dedicated server with a different host. Both servers have their own SSL certificates installed.
Is there any way to edit the .htaccess file to do the following:
https://www.domain.com/CUSTOMER redirects to https://x.x.x.x/CUSTOMER while the browser still shows www.domain.com/CUSTOMER?
I'm vary of using frames due to the SSL ramifications. My domain registrar is Hostway and they do not offer URL masking/forwarding.
This can be done by making your server act as a proxy. Even if you have no access to the servers configuration you might be lucky that apaches proxy module is loaded: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
If so you can 'map' the remote site (IP) as if being served by your normal server.
Also apaches rewriting module can make use of that module by using the [P] flag in a RewriteRule.
Be sure you have a copy of that site on the different server, preverally with the same database, so you don't get in trouble with i.e. order numbers or user logins between http and https. The certificate server must be the web server for your SSL provided web content.
Take a look here foor further informations. "Google Search Result"