www. Infront stops website access?
-
Strange thing today, thought my pals nodebb.com site was down, as browser prevented access.
It gave the your connection is not private security warning (like when theres no SSL)
But Ive been told issue was that i was using
www.sitename.nodebb.com
And should just use sitename.nodebb.com
!
Have I missed something, since when did www. stop websites accessing properly? -
Strange thing today, thought my pals nodebb.com site was down, as browser prevented access.
It gave the your connection is not private security warning (like when theres no SSL)
But Ive been told issue was that i was using
www.sitename.nodebb.com
And should just use sitename.nodebb.com
!
Have I missed something, since when did www. stop websites accessing properly?@Panda www these days is typically an
aliasrecord in DNS, and isn’t a requirement for the site to function. Most websites (including this one
) drop the www part as it’s less for people to type (but it will accept those requests, then strip it back to the actual URL). Only those who have a legacy reason to include wwwin their website addresses these days do so.It’s considered unnecessary in today’s internet landscape. However, if the site presents an SSL certificate mismatch or warning, then this will actually not only harm your SEO (Google penalises against this), but it also means that if you proceed, every transaction on the site will be in plain text - not good at all.
Furthermore, those sites (like NodeBB) that require a specific URL to operate against won’t work properly because of the mismatch, and that site should then be forcing all non-https traffic to https to ensure that this does not happen.
Essentially, not doing so isn’t just bad etiquette, it’s bad for overall security. Depending on the host in use (either Apache or NGINX), there are a variety of ways to accomplish this. One of the easiest ways if you use Cloudflare is to do it with a page rule - failing that, a few simple lines of config is all it takes to resolve it.
A bit more on the whole www part here
Mark – Founder, Phenomlab Ltd
Executive IT & Security Leadership
Phenomlab Ltd -
undefined phenomlab has marked this topic as solved on
-
@Panda www these days is typically an
aliasrecord in DNS, and isn’t a requirement for the site to function. Most websites (including this one ) drop the www part as it’s less for people to type (but it will accept those requests, then strip it back to the actual URL). Only those who have a legacy reason to include wwwin their website addresses these days do so.It’s considered unnecessary in today’s internet landscape. However, if the site presents an SSL certificate mismatch or warning, then this will actually not only harm your SEO (Google penalises against this), but it also means that if you proceed, every transaction on the site will be in plain text - not good at all.
Furthermore, those sites (like NodeBB) that require a specific URL to operate against won’t work properly because of the mismatch, and that site should then be forcing all non-https traffic to https to ensure that this does not happen.
Essentially, not doing so isn’t just bad etiquette, it’s bad for overall security. Depending on the host in use (either Apache or NGINX), there are a variety of ways to accomplish this. One of the easiest ways if you use Cloudflare is to do it with a page rule - failing that, a few simple lines of config is all it takes to resolve it.
A bit more on the whole www part here
@phenomlab the only problem is that some places require the www to know its a website.
E.g. if I write,
aignite.nodebb.com
(This page does recognise its a link. But some chat / media pages dont)
Or if I write
www.aignite.nodebb.comFrom what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.org -
@phenomlab the only problem is that some places require the www to know its a website.
E.g. if I write,
aignite.nodebb.com
(This page does recognise its a link. But some chat / media pages dont)
Or if I write
www.aignite.nodebb.comFrom what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.org@Panda said in www. Infront stops website access?:
the only problem is that some places require the www to know its a website
This isn’t the case at all. All websites even without the www part will still begin with either
httporhttpseven if entered directly into the address bar as (for example)mysite.mydomain.com- the browser will first tryhttpthenhttpsand ideally, if the request is received ashttpit should then by issued a301permanent redirect tohttps -
@phenomlab the only problem is that some places require the www to know its a website.
E.g. if I write,
aignite.nodebb.com
(This page does recognise its a link. But some chat / media pages dont)
Or if I write
www.aignite.nodebb.comFrom what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.org@Panda said in www. Infront stops website access?:
From what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.100%, yes, as it’s the industry standard. If anyone does write
wwwthat should auto redirect to the correct convention. Try accessing this site aswwwand see what happens.Mark – Founder, Phenomlab Ltd
Executive IT & Security Leadership
Phenomlab Ltd -
@phenomlab the only problem is that some places require the www to know its a website.
E.g. if I write,
aignite.nodebb.com
(This page does recognise its a link. But some chat / media pages dont)
Or if I write
www.aignite.nodebb.comFrom what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.org@Panda said in www. Infront stops website access?:
Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.orgBecause the
a hrefanchor will only react to valid TLD (Top Level Domains), of which .one isn’t, and no suffix at all will obviously be ignored and treated as text. -
@Panda said in www. Infront stops website access?:
From what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.100%, yes, as it’s the industry standard. If anyone does write
wwwthat should auto redirect to the correct convention. Try accessing this site aswwwand see what happens.@phenomlab
Im not talking about entering in a browser, but writing in a postSo on Discord I mesaged someone
www.aignite.nodebb.com
And it gave the SSL error when clicked
Nodebb.org arent striping the www -
@phenomlab
Im not talking about entering in a browser, but writing in a postSo on Discord I mesaged someone
www.aignite.nodebb.com
And it gave the SSL error when clicked
Nodebb.org arent striping the www@Panda if I check that URL, it redirects to the NodeBB home page.
Mark – Founder, Phenomlab Ltd
Executive IT & Security Leadership
Phenomlab Ltd -
@phenomlab said in www. Infront stops website access?:
@Panda if I check that URL, it redirects to the NodeBB home page.
Yes, but why?!
-
@phenomlab said in www. Infront stops website access?:
@Panda if I check that URL, it redirects to the NodeBB home page.
Yes, but why?!
@Panda because there is no match for the DNS entry specified. The receiving web server parses the headers looking for a destination hostname to match, and anything the web server is unable to resolve will be sent back to the root.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login
