I have registered 2 websites (say source.com and target.info) but only one (target.info) is hosted. I could redirect source.com to hosted target.info/source but I would like to display source.com in the address bar rather than the physical URL target.info/source or subdomain source.target.info. Is this possible, knowing that I don’t have a .htaccess for source.com since it is not hosted?
I tried to redirect source.com to target.info/source on my registrar account but then I get target.info/source in the address bar. Ideally I would like to have source.com concatenated with the file names, but source.com alone would be fine.
An alias domain might be close to what you are looking for but you may find it called something different if you use a different hosting provider. You will however, still need to point the domain to your hosting provider (in the case of hosting providers using cPanel whose documentation I have linked this would involve changing the nameservers at your registrar).
Form the docs:
Domain aliases are domains that you own, but which do not contain any content. Instead, they point to the contents of another domain or subdomain on your account. This is useful, for example, to hold a domain that you will later sell, or to redirect traffic to another domain.
Related
I'm learning about Google OAuth, and it says that my project has no appropriate credentials.
So I go to the Developers Console and click on the OAuth consent screen. I type my domain name into their question:
Authorized domains To protect you and your users, Google only allows
applications that authenticate using OAuth to use Authorized Domains.
Your applications' links must be hosted on Authorized Domains.
I have verified my domain, but I get "Must be a top private domain." The link takes me to some kind of java programming statement. Actually if I click on the Domain verification tab (again) there are no domain names listed, but I know I added it.
Q: How do I add my domain for being used with OAuth? Must I qualify it as a Top Private Domain or am I going down a rabbit hole?
Google oauth requires a top level domain for security purposes. A top level domain is the first one before the .com .net .biz, in other words it only has one dot. There are exceptions such as .co.uk.
Subdomains are controlled by the parent domains and are not necessarily owned or controlled by you. Imagine you have a Wordpress account at domain.wordpress.com. Wordpress closes your account and returns domain to inactive. A different user claims the domain user and domain.wordpress.com. If Google allowed subdomains they would be forced to believe the new user was you. (Since there is no requirement of public notification of the change)
Edit (a more generalized statement in response to a comment.)
If you own the domain, you have full control over it, and the ownership records are public. To prove your virtual identity as owner of the domain when subscribing to many services require a DNS record, that is created by you, as a challenge created by the provider, that can be read by the provider, prior to services being created. In the event of a change in ownership the original claimant, you, is sent a new record to the provided email address to add to your DNS server to prove you still own the domain. If you cannot prove you still maintain ownership of the name, as in the case of an expired domain hijack, all services are canceled.
Edit
The most probable problem is: Your domain verification is failing.
Start the verification process again. This will give you a new TXT record to add to your DNS.
Go to your DNS providers page and add the record. While there look for the refresh value on the SOA record.
Convert the SOA refresh from seconds to hours. Divide by 3600.
Wait that amount of time + 4 hours for replication.
Use nslookup (or dig) and look for the TXT record. Be sure to use Google's DNS server at 8.8.8.8(server=8.8.8.8).
If the record is not found, wait some more, if (hours waiting > 72) break; else repeat check.
If nslookup was able to find the record, complete the verification process; if not contact your DNS provider(The client record hold can be an issue).
If at this point everything went well, You should have an authorized domain.
If not (domain disappears, contact Google support), It my have to do with the privacy settings on the domain. Most quote public domains have contact information.
You must use a TLD (top level domain). If you have a subdomain, it is owned by the person who owns the TLD. For example, you might have a blog at myamazingblog.wordpress.com, and wanted to use OAuth with it. Unfortunately, this would not be possible, since you do not own wordpress.com (the TLD).
Try testing on a different device or clearing cache.
For me it turned out I had everything correct (just with my example.com domain) but my iOS safari was caching something and it kept giving me the ‘not whitelisted’ message. Which led me to think I needed to add dev.example.com as well - which isn’t necessary.
So try going to the site on another device or browser to see if it works.
I want to redirect myapp.herokuapp.com to mydomain.com.
What I was able to achieve with company that I bought a domain from (lets call them X) is to add new CNAME, so a www.mydomain.com displays myapp.herokuapp.com and that is OK.
What I also want to do is to be able to access the app without the need to write www before the rest of the address. It was said to me that I should change A record within domain configuration, but X company does not allow it. What I can (and what they recommended) is to set and option in domain configuration called IP/URL/host redirect to myapp.herokuapp.com.
Changing this makes my website available under the mydomain.com without the need to write www before, but what it also does is it displays the website in a frame.
What should I do to achieve this? Is this a heroku thing, the X company thing or should I change something in the way my website can be displayed?
Typing www.mydomain.com displays the website correctly - without the <frameset><frame></frame></frameset> tags.
In the Heroku Dashboard "Domains and Certificate" section, add to your custom domains both domain names, "www.mydomain.com" and "mydomain.com".
Make your DNS target the "mydomain.herokuapp.com" in both records.
Check https://devcenter.heroku.com/articles/custom-domains for more information.
I'm new to the Facebook Graph, but I appear to be stuck. I have my own domain name, but I have a separate web hosting URL. So I have set up permanent domain forwarding from my domain to the hosted URL. How can I set up facebook to point to the correct URL? If I set facebook to all point to my domain, facebook complains of a circular URL reference.
It works properly if I point facebook to the hosted URL, but then I'm going to be stuck forever with that host. If someday I want to change provider, my understanding is that anyone who Liked one of my pages will lose that like. Please help me understand how I should set this up. Thanks to all.
UPDATE: Sorry I forgot to mention that the domain (blah.com) is at one provider (using GoDaddy), and I'm looking for just one sub-domain (project1.blah.com) to be forwarded to a free web hosting environment (project1.webuda.com) where I set up a facebook graph-based web site.
your domains are set up incorrectly. you should not have to redirect from your domain to your "hosted URL".
If the URL is forwarded to another URL its not likely that FB will allow the process to continue, security reasons on top of other reasons. If you want to change the URL from your FB app however you would have to go to developers.facebook.com and reassign the URL for your app to one you want to use.
Here's the solution I came up with. I didn't realize that I could do this. I set up my DNS so that my web host's nameserver could be specified, but only for a particular subdomain. The web page appears to be working properly now, and I will mark this answer as correct once I confirm that facebook's opengraph is also working properly, when I switch it all over to use my actual domain instead of my web host's domain.
Suppose I own the domain mydomain.com and I have a web application on a server, at the URL http://99.99.99.99:1234/MyApplication/startpage.something
What I'd like to have is that if the user writes appserver.mydomain.com/ it goes to the application URL above, but the user still sees appserver.mydomain.com in the location bar (I used appserver instead of www to make the question more generic). I want also that if the user writes appserver.mydomain.com/app?q=120 it is like he typed http://99.99.99.99:1234/MyApplication/page?q=120, but the user still sees the URL as he typed it.
Until now (I'm using a cheap domain seller), I've been only able to have
http://appserver.mydomain.com:1234/MyApplication/startpage.something
or just http://appserver.mydomain.com but it remains only that in the url, even if there is a path or arguments in the URL.
I am mainly interested in Tomcat server, anyway any more generic istructions are welcome.
You can not do this. When a URL says http://something/, all browsers connect to port 80. To connect to port 1234, you must have it in the URL: http://something:1234/.
What you can do is:
create a URL redirect so that when a user connects to http://something/ (port 80), the request is redirected to http://something:1234/. You could do this using .htaccess redirect rules in the document root of your http://something/ site.
in the document root of the http://something:1234/ site, you could create a redirect rule that maps / to /MyApplication/startpage.something
With this solution, the user will see http://something:1234/ in the address bar. In case you need it, there are various resources on the web (and here on SO) on .htaccess redirects.
I have a website (www.mydomain.com) that is secured with an SSL certificate. It is an ASP.NET website and I have forced certain pages via code to be required to use the https:// prefix. If they don't it will redirect them to the https:// equivalent. Is this a good practice? Is there an easier way to do this? Not every single page requires SSL.
Also, when the users use my URL in the form of mydomain.com instead of www.mydomain.com they get a certificate error because the certificate was registered for www.mydomain.com. Should I use the same approach as I am with the http:// and https:// issue I mentioned above? Or is there a better way of handling this?
Your approach sounds fine. In my current project, I force HTTPS when a user goes to my login page, (Based on a config flag which lets me test locally without dealing with needing a cert). This allows me to access other pages unsecured which is handy.
I have a couple places where our server grabs the output of other pages (rendering to html to PDF and fetching dynamic images for example). Because of our environment, our server can't resolve it's public name, so if we were to force ssl at the site we'd have to add, our internal IP address (or fake the domain name).
As for your second question you have two options to handle the www.example.com vs example.com. You can buy a certificate that allows you to have multiple domain names. These are known as UCC certificates.
Your second option is to redirect example.com to www.example.com or the other way around. Redirecting is a great option if want your content to be indexed by google or other search engines. Since they will see www.example.com and example.com as two seperate sites. This means that links to your sites will be split reducing your overall page rank.
You can configure sites in IIS to require a Cert but that would A) generate an error if someone isn't visiting with https and B) require all pages to use https. So, that won't work. You could put a filter on IIS that checks all requests and redirects them as https calls if they are on your encryption list. The obvious drawback here is the need to update your list of pages every time a new page is added (e.g. from an XML file or database) and restart the filter.
I think that you are probably correct in building code into the pages that require https that redirects to an https version if they arrive via http. As far as your cert error goes, you could redirect with a full path (that includes the www) instead of a relative path to fix this problem. If you have any questions about how to detect whether the call uses https OR how to get the full path of the current request please let me know. Both are pretty straightforward but I've got sample code if you need it.
UPDATE - Josh, the certs that handle multiple subdomains are called wildcard certs. The problem is that they are quite a bit more expensive than standard certs.
UPDATE 2: One other thing to consider is to use a Master page or derived class for the pages that need SSL. That way, instead of duplicating the code in each page you can just declare it as type SSLPage (or use the corresponding Master page) and have the Master/Parent class handle the redirect. Again, you'll need to do some URL processing if you take this approach but it is pretty trivial.
Following is something that can help you:
If it is fine to display all your website pages with https:// then you can simply update your code to use https:// and set two bindings in IIS. One is for http and another is for https. In this way, your website can be accessible through any of the protocol.
Your visitors are receiving a name mismatch error because the common name used in your SSL certificate is www.mydomain.com. Namecheap is providing RapidSSL certificates through which you can secure both names under single SSL. You can purchase this SSL for www.mydomain.com and it will automatically secure mydomain.com (i.e. without www).
Another option is you can write a code to redirect your visitors to www.mydomain.com website even if they browse mydomain.com.