Domain Forwards are starting to throw up https errors on chrome (1.Viewing)
- Topic Starter MapleDots
- Start date
- Replies: Replies 38
- Views: Views 698
I myself am not getting any error in the latest Chrome on windows, interestingly enough, neither in incognito nor normal mode. Either way, I looked at the way Porkbun is doing this and they seem to generate a certificate for each and every domain. So this is not a quick fix, since it affects infrastructure as well (and there's some challenges around generating a lot of free certs), but we'll be looking at a solution.
Google keeps changing the message as they are rolling out the forwarding changes across all platforms.
Regular forwards will soon be dead in the water, am seeing lots of famous websites with forwards not working properly.
CanuckDomains
CanuckDomains.ca
- Joined
- Nov 23, 2023
- Topics
- 105
- Posts
- 250
- Likes
- 77
I've been holding my tongue because, you know, who is this random new kid? But I have some gripes with WHC:
1. Having to pay extra for SSL.
2. Having both the pusher and the recipient open a ticket and then having a poor WHC employee take the time to manually move each domain to push between accounts.
3. No bulk functions for forwarding.
4. That irritating little thing where you have to opt out of the ten-dollar "Boost security with Domain Protection" whenever you register a domain (which caught me a few minutes ago, prompting this unnecessary rant).
5. This new domain forwarding error.
Anywho, I like your registrar and customer service. And other registrars have their faults. But I just lost $9.99 and I can't rightfully take that out on myself, now can I?
P.S. I can get a refund.... right?
1. Having to pay extra for SSL.
2. Having both the pusher and the recipient open a ticket and then having a poor WHC employee take the time to manually move each domain to push between accounts.
3. No bulk functions for forwarding.
4. That irritating little thing where you have to opt out of the ten-dollar "Boost security with Domain Protection" whenever you register a domain (which caught me a few minutes ago, prompting this unnecessary rant).
5. This new domain forwarding error.
Anywho, I like your registrar and customer service. And other registrars have their faults. But I just lost $9.99 and I can't rightfully take that out on myself, now can I?
P.S. I can get a refund.... right?
rlm
Bonfire.ca
ahh the sneaky upsells. How do you think GoDaddy got to be the biggest registrar in the world?
When I visit INCOGNITO I get the above
When I am logged in I get the below
Also I see now mention of an extra charge for SSL
Yes forwarding is dead in the water now unless you add the domain to your hosting account as an addon domain and forward within cPanel.
RedRider
Member
- Joined
- Nov 6, 2020
- Topics
- 50
- Posts
- 347
- Likes
- 140
Crazy, even my credit union allows me to push funds to another member unassisted. If the owner wants to push a domain to another member and they are securely logged in it should only require one service ticket.
@CanuckDomains : Please don't hold back, we appreciate any feedback.1. With our hosting, you also have access to free AutoSSL. We currently do not include an SSL certificate for domains, but we are considering this for forwarding in the future.
2. Ideally, this should and won't be a manual process going forward, but I do think (see example below) it needs to be approved by gaining and losing accounts. Another (additional?) option would be to simulate a transfer with EPP code between accounts, similar to how some reseller registrars do it. What does your favourite and secure push implementation look like?
3. This has been requested before, especially by
@MapleDots and is something we're considering for the future.4. It's an upsell. As
@MapleDots highlighted, once you have 75+ domains with us, you can join The Domain Club at WHC and get better renewal pricing ($11.99 for .CAs) and this domain protection feature is free.5. See #1. I'm curious, aside from the one mentioned here before, which order registrars give you free certs? This problem is likely to affect other registrars as well.
For the domain protection? Yes. Please contact our billing team. You can now also cancel the feature from the client area, but it doesn't automatically refund you.
@RedRider Aside from the fact that I would like this to be automated (and it will be at one point), I do think that for domains, the gaining client should have to accept them. Imagine you get wind of there being a UDRP/CDRP filed against one of your domains, and before it reaches the registrar, you just push it to someone else.
Last edited:
When a domain push is initiated, the recipient must accept the push.
To initiate the push: Requiring username would be good. Don’t want to give out account email. Other registrars use account # / username / email.
To initiate the push: Requiring username would be good. Don’t want to give out account email. Other registrars use account # / username / email.
Nafti
Member
- Joined
- Nov 11, 2020
- Topics
- 83
- Posts
- 1,171
- Likes
- 811
Epik does have one good thing left.
I just use the basic forward button with no issues. It seems to automatically forward with the HTTPS.
Virus.ca currently forwards to The Guy who has purposely destroyed Canada over the last few years.
I won’t give any hints but you have to guess without clicking the link.
Comment below!
Ugh, this is a royal pain and affecting everyone forwarding one domain to another.
@FM is there any timeline on getting this resolved.
I'm added my critical domains to the hosting package to fix it but the other domains are all in limbo with an error message.
The other thing I thought of is making a custom dns server for each domain and somehow using it as a forward.
Anyone know how to do that in the WHC control panel? I started fooling around with that a bit.
@FM is there any timeline on getting this resolved.I'm added my critical domains to the hosting package to fix it but the other domains are all in limbo with an error message.
The other thing I thought of is making a custom dns server for each domain and somehow using it as a forward.
Anyone know how to do that in the WHC control panel? I started fooling around with that a bit.
Unfortunately I cannot yet offer a guaranteed timeline, but I'm looking and testing options at the moment.Ugh, this is a royal pain and affecting everyone forwarding one domain to another.
Can you explain this further? We do support private nameservers (requires an additional IP for CIRA to accept them).
I mentioned nameservers in a post above but can't get it working. Can you share how you will set it up?
Last edited:
Wayne
Member
- Joined
- Feb 6, 2024
- Topics
- 17
- Posts
- 54
- Likes
- 35
Not sure if this question was directed to me, but for what its worth I build my own Web & DNS/Bind servers and use Certbot to attach SSL certificates.
That way the SSL certificate gets validated (no security warning), and I can host a site on a domain or forward it as needed.
Note: I should have mentioned Web & DNS servers in my last post, not just DNS.
You really don't need your own DNS server, but you do need your own web server.
1. Login to WHC (or other provider) and set the A record for the domain name to the IP address of your web server.
2. On your webserver, install certbot (Ubuntu/Debian - sudo apt install certbot)
3. Create SSL certificates for domain name (sudo certbot --nginx -d mysite.ca -d www.mysite.ca) or for Apache (sudo certbot --apache -d mysite.ca -d www.mysite.ca)
4. a. To forward a domain using Nginx:
server {
server_name .mysite.ca;
return 301 http://www.anothersite.ca$request_uri;
}
b. To forward a domain using Apache:
RewriteEngine On
RewriteRule ^(.*)$ http://anothersite.ca/$1 [R=301,L]
The big advantage of rolling your own DNS servers is that it improves SEO.
A bit technical, but hopefully this helps someone!
That way the SSL certificate gets validated (no security warning), and I can host a site on a domain or forward it as needed.
Note: I should have mentioned Web & DNS servers in my last post, not just DNS.
You really don't need your own DNS server, but you do need your own web server.
1. Login to WHC (or other provider) and set the A record for the domain name to the IP address of your web server.
2. On your webserver, install certbot (Ubuntu/Debian - sudo apt install certbot)
3. Create SSL certificates for domain name (sudo certbot --nginx -d mysite.ca -d www.mysite.ca) or for Apache (sudo certbot --apache -d mysite.ca -d www.mysite.ca)
4. a. To forward a domain using Nginx:
server {
server_name .mysite.ca;
return 301 http://www.anothersite.ca$request_uri;
}
b. To forward a domain using Apache:
RewriteEngine On
RewriteRule ^(.*)$ http://anothersite.ca/$1 [R=301,L]
The big advantage of rolling your own DNS servers is that it improves SEO.
A bit technical, but hopefully this helps someone!
Last edited:
Wayne
Member
- Joined
- Feb 6, 2024
- Topics
- 17
- Posts
- 54
- Likes
- 35
Sorry yes..
What about this from WHC?
Maybe a way to get that working
Yes, you can use the rewrite engine as well for forwarding, but I don't think that will fix the issue.
The problem is that Google essentially forces HTTPS, which isn't a bad thing in and of itself.
If you are forwarding, forward to HTTP not HTTPS.
If you are connecting to an HTTPS site, it is going to look for an encryption certificate for that domain name, and won't find one because the domain has been redirected to another server, and there is no certificate for it there.
If I forward betbitcoins.ca to waynesdomains.com, I get to DN.ca without issue, since i'm not forwarding https on either domain.
If I do forward https, I get this error:
The problem for me is that Google caches https versions of websites, so if a user clicks on an https link which is forwarded, there is no certificate for that domain name at the server being forwarded to, thus the error. Very frustrating.
The best resolution, in my opinion, is to create your own webserver with your own (free) certbot certificates.
Last edited:
Sponsors who contribute to keep dn.ca free.
 |
 |
 |
 |
 |
 |