Warning: If You Own Your Own Website
Jan. 15th, 2018 08:22 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
morgandawnHeads up to anyone who has their own website. Most of us have low-cost websites that are on shared servers. As you may know, Google and some browsers are now forcing us to access websites using SSL (secured sockets layer) certificates. This secures the information being transmitted between you and the webpage. If you've ever looked at the upper left in your browser address bar and seen a little green sign or a lock symbol along with "HTTPS://www...." next to a website address, then you are accessing a website securely.
But if someone visits your website and their browser is set to warn against "unsecured" websites, they will get a malicious website warning. Most fans won't proceed. But the few who do so may face yet another surprise.
If your visitor uses HTTPS or if they push past the malicious website warning, they are often redirected to someone else's website. Once that other website is in their browser cache, every single time they try to go to your website again they will be permanently redirected until they clear their cache.*
The reason this is happening is that many web hosts are too cheap to set up their servers properly or are using older servers. If you have a website on a shared server, and you have not paid a fee to move to a dedicated server or buy your own dedicated IP address and then paid a second fee to buy your own security certificate, your website will be redirected to the first person on that server who happens to have bought a security certificate. The servers will search alphabetically down the list of hosted websites until they find someone with a SSL certificate and ...voila that is where you will now go.
For example, if your website is on a server with somebody who own website www.aaa.com and they own a security certificate, every single website on that server that does not have their own separate security certificate, will be redirected to www.aaa.com
Some web-hosts know that Google is pushing every website and browser to use HTTPS which in turn means every website will need a security certificate. Good web-hosts are now offering free security certificates on accounts that use shared servers. Ex: Dreamhost and LunarPages. Bad ones, like Bluehost and Hostgator will not offer them. Or they will force you to pay 2-3x amount and upgrade to a Business Enterprise service plan. Even worse, they won't tell you it is necessary and instead leave you and your visitors to find out that your webpage is being redirected to some dude's page that starts with the Letter A. So check with your Internet host to see if they offer a "free SSL certificate on a shared server". And move to another web-host.
(no subject)
Date: 2018-01-17 12:30 am (UTC)(no subject)
Date: 2018-01-19 07:22 am (UTC)