I've been using Heroku to host and manage a website of mine that requires an SSL certificate. For the last year and a half I've been using ZerigoDNS to manage my domain and SSL redirecting (although, redirecting from non-https, non-www to https and www does not work).
I just got a notice from Heroku that they will be shutting down ZerigoDNS soon and they recommend switching to PointDNS. I couldn't find any information in the PointDNS documentation about managing SSL redirects.
Here's what I'm looking to do:
non-www non-https redirects to https and www
non-https redirects to https and www
https but non-www redirects to https and www
The reason everything needs to be forwarded to https and www is that's what the ssl cert was created for (the www is required. I don't have a wildcard certificate).
Does anyone familiar with PointDNS know how to to set up the records and redirects properly?
Thanks in advance!
Regarding non-www to www redirects, I just got that to work as follows:
First, you must add both www.your-domain.com and your-domain.com as custom domains.
heroku domains:add andrewpuglionesi.com
heroku domains:add www.andrewpuglionesi.com
I have a CNAME record with name www.my-domain.com.. The text in its data field is my-heroku-domain.herokuapp.com. I also have an alias record with the name my-domain.com., and I made its data field www.my-domain.com. In other words, the alias just points to the CNAME.
I don't know if this is well-advised, but it seems to work (and without sticking www in the user's URL, at that). It simply solves the problem where you can't access pages other than the index without having www there). I like how Heroku and PointDNS' documentation both say you can easily do redirects and then don't actually explain how to... I guess this is one way.
I've previously been able to force https protocol through the backend of a Django site. I can't remember the exact method I used, but you might be able to do it without the DNS stuff.
First, add both www.your-domain.com and your-domain.com as custom domains under settings or run below commands
heroku domains:add domainname.com
heroku domains:add www.domainname.com
For redirection, you need to do it via server, eg. if you are using apache you can achieve redirections via .htacess file.
Also, you can only redirect non-www to www with pointDNS redirect option
Related
I have a 1&1 IONOS domain for my heroku app. the www subdomain works fine, with a CNAME setup for it. but I'm trying to redirect the root url to the www subdomain. this also works fine for http, but if the url is typed in as https://example.com, I get a ERR_SSL_PROTOCOL_ERROR (on chrome, other browsers have different errors). this is on any device, regardless of clearing cache and history etc.
my heroku logs show it's never reached, so it must be an issue within 1&1.
theres an ssl cert set on the domain with 1and1, as well as heroku's ACM.
any ideas?
To make the four URL variations (http://example.com, http://www.example.com, https://example.com, and https://www.example.com) point to a different SSL hosted site (heroku, cloudfront, etc), you need three things in IONOS:
Under DNS settings, add a CNAME entry for the www subdomain that points to your SSL hosted site (example.herokuapp.com)
Set up an HTTP Redirect under Domain Forwarding to https://www.example.com (don't check the box that states "Also set up for www subdomain")
Make sure you have an SSL wildcard certificate for *.example.com installed and attached to your domain in IONOS
It looks like all you are missing is number 3. After that, the redirect that you have setup should work as expected.
Note: example.com should be replaced by your actual domain in all of the above.
I'm using a shared hosting website to host the website and I have a SSL certificate. When I navigate to www.example.com, I don't see the padlock and it says the website is not secure, however, if I navigate to https://example.com or http://example.com, I see the padlock and it says the website is secure.
What am I meant to do to make it so that when a user types www.example.com to be sent to the https://example.com version? Do I have to forward the domain to https://example.com or do I have to fiddle with some htaccess settings?
Check Ben's answer here:
https://stackoverflow.com/a/1270281/7118098
This is an .htaccess edit, assuming you're using Apache on your host.
The problem is that you're manually accessing https:// so it works, but accessing http:// doesn't redirect you because it's not https:// enforced.
Almost all SSL certificates secure both versions of the website (www and non-www). But, I think your web hosting provider does not offer this feature. However, you can redirect your www domain to a secure domain (I mean non-www version).
I'm looking to connect my domain to a heroku app. So far, the tutorials I've read say we want Namecheap to have the following records for domain example.com:
CNAME Record www www.example.com.herokudns.com
URL Redirect # https://www.example.com
With this config, I can successfully get to my homepage using:
http://example.com/
http://www.example.com/
https://www.example.com/
But for some reason https://example.com/ won't connect and times out. Does anyone know if there's a way to get both https://example.com/ and https://www.example.com/ to redirect successfully?
You won't be able to do this with DNS provided redirects.
The reason is that at the point of redirect, ie your DNS provider they would need to:
Accept https/443 requests to their redirector
have a valid certificate for hacksofcharity.com
if they don't you'll either receive a timeout, or a certificate mismatch in your browser. When apex domains are involved with https then your only option is to be using a DNS provider that supports using CNAME - see https://devcenter.heroku.com/articles/custom-domains#add-a-custom-root-domain and perform any redirects within your application code base.
I have ordered an SSL certificate which covers my root domain only and it can be successfully accessed through https://domain.com.
I have created a redirection from all requests from https://www.domain.com to the root domain.
However, when trying to access https://www.domain.com which was supposed to get redirected to https://domain.com the browser returns the following warning mentioning about a security risk of proceeding with the navigation:
This is probably not the site your are looking for!
You attempted to reach www.domain.com, but instead you actually reached a server identifying itself as domain.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of www.domain.com.
You should not proceed, especially if you have never seen this warning before for this site.
Is it somehow possible to redirect from www to the root domain using HTTPS without having to order another SSL certificate for www only for redirections?
PS: domain.com is just a placeholder to help illustrating the question.
Unfortunately SSL certificate negotiation happens before mod_rewrite rules come into effect. THerefore even before your 301 rule can redirect URIs to non-www domain, browser has already received certs for non-www while still on www domain. That is the point it shows that dreaded warning to visitor that cert is invalid.
You have 2 options:
(Recommended) Most of the certs these days allow you to use www with TLD, check with your provided if this is the option.
Go for wildcard certs (more expensive).
My website is www.survivorssupply.com. I want to use SSL for my entire site because when I use SSL on only certain portions, the SSL certificate says certain parts were not delivered securely, not everything is secure, etc.
When I go into the Joomla admin panel, I set the entire site to force SSL for everything. I then get an issue with an endless redirect loop (301 error). My site is running the latest version of Joomla 2.5 on Nginx.
Is there some kind of rewrite I can use or does anyone know any Joomla tricks?
You are probably missing an extra parameter in the 443-section of your Nginx configuration. Add "fastcgi_param HTTPS on;" to the fastcgi-section.
#alfasin, Nginx doesn't use files like httpd.conf or .htaccess
check your httpd.conf and .htaccess for 301 redirect rules regarding HTTPS
you receive the warning that parts of your site are not secured because you have embedded links which use HTTP instead of HTTPS - I would create a backup of teh site and start changing all the urls in the: template, articles, modules etc.