Like Tree3Likes
  • 2 Post By hkha

Chrome and secure server issues

Closed Thread
  1. #1

    Join Date
    Apr 2003
    Location
    Hong Kong
    Posts
    3,988

    Question Chrome and secure server issues

    anyone else noticed that the updated chome browser, now it drops the www part of the URL? have not tested sub-domains yet.

    it is causing me (non -techy) hassle for my Wordpress website without the "http://www." part - the URL "domain.hk" without www, now only returns a server page with " Apache is functioning normally" not the index page, the hosting firm said oh, you have to pay to upgrade to a https secure server.

    the website has no transactions, no forms, just a static blog, it does not need to be https in my view.

    any alternatives? or need to upgrade all servers to secure serve?


    Last edited by JAherbert; 19-09-2019 at 12:12 PM.

  2. #2

    Join Date
    Dec 2002
    Location
    薄扶林
    Posts
    47,971

    PM me your URL ... happy to take a look and see whats going on.


  3. #3

    Join Date
    Apr 2003
    Location
    Hong Kong
    Posts
    3,988

    found this Wordpress recommendation:

    "An HTTPS connection is needed for many features on the web today, it also gains the trust of your visitors by helping to protecting their online privacy."


  4. #4

    Join Date
    Jan 2010
    Posts
    6,452
    Quote Originally Posted by JAherbert:
    anyone else noticed that the updated chome browser, now it drops the www part of the URL? have not tested sub-domains yet.

    it is causing me (non -techy) hassle for my Wordpress website without the "http://www." part - the URL "domain.hk" without www, now only returns a server page with " Apache is functioning normally" not the index page, the hosting firm said oh, you have to pay to upgrade to a https secure server.

    the website has no transactions, no forms, just a static blog, it does not need to be https in my view.

    any alternatives? or need to upgrade all servers to secure serve?


    It's just a change in the way it's displayed. If you click into the address bar twice it will show the whole address again.

    Name:  geo.jpg
Views: 258
Size:  14.3 KB

  5. #5

    Join Date
    Dec 2002
    Location
    薄扶林
    Posts
    47,971

    Yes, thats true - and for the record on GeoExpat, we do not use the www domain - just geoexpat.com / jobs.geoexpat.com


  6. #6

    Join Date
    Dec 2016
    Posts
    62

    add a www record in your DNS setting.


  7. #7

    Join Date
    Dec 2016
    Location
    Hong Kong
    Posts
    105

    You don't need https. A lot of people religiously enable https since the Snowden leaks, but for a static blog without a commenting system it is ok to not have https. But do note that it is very easy for entities in the communication path (e.g. the GFW) to modify the content on the fly to censor, alter the text or even inject malicious code for a visitor.

    If you manage your own server you can use the https://letsencrypt.org/ service to get a certificate for free, but probably not via a hosting firm as they are going to charge you for everything even if they don't do a great job.

    the "www." issue is unrelated to having https or not. Ask your hosting firm to fix only that part and don't mention https.

    JAherbert and shri like this.

  8. #8

    Join Date
    Apr 2003
    Location
    Hong Kong
    Posts
    3,988
    Quote Originally Posted by hkha:
    If you manage your own server you can use the https://letsencrypt.org/ service to get a certificate for free, but probably not via a hosting firm as they are going to charge you for everything even if they don't do a great job.
    the "www." issue is unrelated to having https or not. Ask your hosting firm to fix only that part and don't mention https.
    thanks, yes, the "www" issue, as I understand it, only applies to chrome browser. But it has kinda forced the https issue too because of the caps "NOT SECURE" in front of the domain name.

    On top of the host changing server (always breaks something) then updating to latest WP to find something else broken grrr

    some people may understand and disregard the chrome "safety warning" but customers may not.

    And yes host wants monthly payment for https which I don't need, but customers may be scared of the warning if using chrome

  9. #9

    Join Date
    Jun 2016
    Posts
    1,972

    I thought the lock preceding the text means its secure. If you click the lock shows its a secure connection.https://support.google.com/chrome/an...indicator&rd=1