www. Infront stops website access?

Panda

Strange thing today, thought my pals nodebb.com site was down, as browser prevented access.
It gave the your connection is not private security warning (like when theres no SSL)
But Ive been told issue was that i was using
www.sitename.nodebb.com
And should just use sitename.nodebb.com
!
Have I missed something, since when did www. stop websites accessing properly?

phenomlab

@Panda www these days is typically an alias record in DNS, and isn’t a requirement for the site to function. Most websites (including this one ) drop the www part as it’s less for people to type (but it will accept those requests, then strip it back to the actual URL). Only those who have a legacy reason to include www in their website addresses these days do so.

It’s considered unnecessary in today’s internet landscape. However, if the site presents an SSL certificate mismatch or warning, then this will actually not only harm your SEO (Google penalises against this), but it also means that if you proceed, every transaction on the site will be in plain text - not good at all.

Furthermore, those sites (like NodeBB) that require a specific URL to operate against won’t work properly because of the mismatch, and that site should then be forcing all non-https traffic to https to ensure that this does not happen.

Essentially, not doing so isn’t just bad etiquette, it’s bad for overall security. Depending on the host in use (either Apache or NGINX), there are a variety of ways to accomplish this. One of the easiest ways if you use Cloudflare is to do it with a page rule - failing that, a few simple lines of config is all it takes to resolve it.

A bit more on the whole www part here

https://dropwww.com/why

Panda

@phenomlab the only problem is that some places require the www to know its a website.
E.g. if I write,
aignite.nodebb.com
(This page does recognise its a link. But some chat / media pages dont)
Or if I write
www.aignite.nodebb.com

From what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.

Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.org

phenomlab

@Panda said in www. Infront stops website access?:

the only problem is that some places require the www to know its a website

This isn’t the case at all. All websites even without the www part will still begin with either http or https even if entered directly into the address bar as (for example) mysite.mydomain.com - the browser will first try http then https and ideally, if the request is received as http it should then by issued a 301 permanent redirect to https

phenomlab

@Panda said in www. Infront stops website access?:

From what you wrote above, do you say its ok for nodebb to have it set up such that the www one doesnt work?
Many people not so technical may write www., out of habit.

100%, yes, as it’s the industry standard. If anyone does write www that should auto redirect to the correct convention. Try accessing this site as www and see what happens.

phenomlab

@Panda said in www. Infront stops website access?:

Further thought, how does this site know which of the following are links?
test
test.one
test.com
test.test2.org

Because the a href anchor will only react to valid TLD (Top Level Domains), of which .one isn’t, and no suffix at all will obviously be ignored and treated as text.

Panda

@phenomlab
Im not talking about entering in a browser, but writing in a post

So on Discord I mesaged someone
www.aignite.nodebb.com
And it gave the SSL error when clicked
Nodebb.org arent striping the www

phenomlab

@Panda if I check that URL, it redirects to the NodeBB home page.

Panda

@phenomlab said in www. Infront stops website access?:

@Panda if I check that URL, it redirects to the NodeBB home page.

Yes, but why?!

phenomlab

@Panda because there is no match for the DNS entry specified. The receiving web server parses the headers looking for a destination hostname to match, and anything the web server is unable to resolve will be sent back to the root.