I am having the following issues with the Cloudflare Flexible SSL (Always use HTTPS, Automatic HTTPS rewrites activated)
Before activating the Cloudflare SSL the website in question nicely redirected from
http://www.example.com to http://example.com same goes for
www.example.com to example.com
After the Cloudflare SSL activation when I type in the I the following into the address bar:
example.com > https://example.com (green lock)
http://example.com > https://example.com (green lock)
www.example.com > https://example.com (css, js, certain images are not loading, gray lock with yellow triangle in address bar - mixed content)
http://www.example.com > https://www.example.com (css, js, certain images are not loading, gray lock with yellow triangle in address bar - mixed content)
Can someone let me know where to start to fix this issue?
Ok, the Cloudflare SSL mixed content issues has been resolved. I found a hard coded wrong base url in the html code
Related
I created a simple Vue web application that is hosted by Heroku on a custom domain. Heroku automatically provides SSL certificates and my website works as intended on:
`https://www.example.com``
The intended behaviour is as follows (if secure/feasible):
example.com -> https://www.example.com
http://example.com -> https://www.example.com
http://www.example.com -> https://www.example.com
however the current situation is:
example.com -> http//www.example.com
http://example.com -> site cannot be reached
http://www.example.com -> http://www.example.com
I read quite some articles online but I am not sure whether a redirect introduces potential security issues. Additionally there are a few limitations flagged by Heroku. My Webhost is https://www.domein-registreren.nl/ and allows redirects through their web interface.
EDIT: I used Cloudflare to fix the issue for me. However, I am wondering if there are other ways to accomplish this.
I have a retail application that is hosted at www.emenu.com. My clients have there on websites that are hosted on their server, like www.fastfood.com, www.freshlime.com, etc. There is a button on their website which redirects to www.emenu.com.
www.fastfood.com on a button click redirect to www.emenu.com
www.freshlime.com on a button click redirect to www.emenu.com like that,
Problem is that the client does not want to show my application URL in the address bar after redirecting.
ie, www.fastfood.com will redirect to www.emenu.com but it should show www.fastfood.com in URL.
I am using laravel for the development. Came across many solutions involving .htaccess like
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?emenu\.come$ [NC]
RewriteRule ^ http://www.fastfood.com%{REQUEST_URI} [L,NE,P]
But the solution doesn't work.
The way websites work is like this:
user enters URL into browser (or clicks a link to get there), say www.example.com/foo/bar
the browser/OS looks up the A or AAAA DNS record for www.example.com, this DNS record points to an IP address
the browser sends an HTTP request to that IP address, like:
GET /foo/bar HTTP/1.1
Host: www.example.com
the server at that IP address (hopefully) responds with some HTML
So you see, if the domain www.example.com is already pointed at your client's server, it can't also point at your server. And the URL in the browser's address bar will always show the URL it's currently actually loading, you can't mask that. If you want the contents of your site to appear on your client's domain name, then the server pointed to by the DNS record for that domain actually needs to return the HTML for your site. You pretty much have two options there:
Embed your site in an iframe on your client's page. Say www.example.com/emenu.html contains:
<iframe src="http://www.emenu.com"></iframe>
Then visitors going to www.example.com/emenu.html will see the content of your site (embedded into a site of your client).
Set up the web server for www.example.com to reverse-proxy (some of) your URLs. In Apache that can be done with something like:
ProxyPass "/emenu" "http://www.emenu.com/"
ProxyPassReverse "/emenu" "http://www.emenu.com/"
Any HTTP request for the URL path /emenu to www.example.com would be forwarded by that server to your server, and the response be presented to the visitor as if the www.example.com server had produced it itself.
I have two domains: example.com and example.org.
HTTP://www.example.com redirects to HTTPS://www.example.org (as expected)
HTTP://example.com redirects to HTTPS://www.example.org (as expected)
HTTP://www.example.org redirects to HTTPS://www.example.org (as expected)
HTTP://example.org redirects to HTTPS://www.example.org (as expected)
HTTPS://example.org redirects to HTTPS://www.example.org (as expected)
However, using HTTPS doesn't work. I think this is because I haven't proven that I own example.com to my CA (letsencrypt through GitHub pages).
HTTPS://www.example.com should redirect to HTTPS://www.example.org
HTTPS://example.com should redirect to HTTPS://www.example.org
This question is related but it goes a little over my head and I'm not sure how to implement it on Github pages with Namecheap.
I solved this by migrating to netlify. I recommend.
I used the information here and here to create a _redirects file that looks like this:
https://example.com/* https://www.example.org/:splat 301!
https://www.example.com/* https://www.example.org/:splat 301!
http://example.com/* https://www.example.org/:splat 301!
http://www.example.com/* https://www.example.org/:splat 301!
I'm looking to connect my domain to a heroku app. So far, the tutorials I've read say we want Namecheap to have the following records for domain example.com:
CNAME Record www www.example.com.herokudns.com
URL Redirect # https://www.example.com
With this config, I can successfully get to my homepage using:
http://example.com/
http://www.example.com/
https://www.example.com/
But for some reason https://example.com/ won't connect and times out. Does anyone know if there's a way to get both https://example.com/ and https://www.example.com/ to redirect successfully?
You won't be able to do this with DNS provided redirects.
The reason is that at the point of redirect, ie your DNS provider they would need to:
Accept https/443 requests to their redirector
have a valid certificate for hacksofcharity.com
if they don't you'll either receive a timeout, or a certificate mismatch in your browser. When apex domains are involved with https then your only option is to be using a DNS provider that supports using CNAME - see https://devcenter.heroku.com/articles/custom-domains#add-a-custom-root-domain and perform any redirects within your application code base.
We have two domains: www.example.com and www.example.org. Both point to the same site. But, we'd like everything to point to .org. We are running Drupal on a LAMP server hosted by Media Temple.
We have now started to have problems because our .com SSL cert expired, so anybody who goes to the .com site routinely gets scary messages in Chrome, etc.
How can we make it so that if somebody goes to https://www.example.com in google, they get nicely directed to http://www.example.org?
You can do this multiple ways.
.htaccess
RewriteEngine On
Redirect 301 / https://www.exmaple.org
In a PHP file
header("HTTP/1.1 301 Moved Permanently");
header("Location: https://www.example.org");
header("Connection: close");
You can try this module :
https://www.drupal.org/project/domain_301_redirect
This is the domain that all other domains that point to this site will be 301 redirected to. This value should also include the scheme (http or https)
I Hope help you!