Cloudflare redirection loop for PDF files

For some unknown reason, all PDFs on the site http://safetyaustraliagroup.com.au/, when clicked, result in a redirect loop and then ultimate failure:
e.g. http://safetyaustraliagroup.com.au/wp-content/uploads/2017/01/Robert-Keft-Profile-2017.pdf
Result from Pingdom: Pingdom Full Page Test Result
HOWEVER: If I bypass Cloudflare and add the IP address to my hosts file for the domain - it works as expected.
Cloudflare are not very helpful and say it's my problem but I can't understand what is causing this? Especially when my testing indicates that it is only happening when connecting via Cloudflare.

Related

How to create a HTTPS->HTTPS subdirectory redirect using subdomains?

I am currently having issues with setting up an HTTPS domain redirect. I have a DNS URL redirect entry that points a few sub-domains to same-server URLs. For example:
docs.kipper-lang.org -> kipper-lang.org/docs/
play.kipper-lang.org -> kipper-lang.org/playground
The issue I am currently experiencing is that when using the subdomains, it mostly works, but it can only use HTTP. If I attempt to use HTTPS (like for example https://docs.kipper-lang.org) the redirect won't work and will get stuck apparently waiting for the HTTPS certificate (I think, but I don't know for sure, since it loads forever and gets a time-out).
So my DNS provider does its job for the most part as I want, but I am not sure how to add the HTTPS encryption to these redirects. Is there maybe even some DNS configuration or even middle-man service for redirects I can use, where these HTTPS encryptions are built-in? Since receiving a "Warning: Insecure connection" every time someone uses the sub-domains is a massive problem for me.
Note though that considering I am hosting on a GitHub Pages server, I am unable to do these redirects on the server side myself, as I can't use any code in this case.
I would greatly appreciate any ideas for fixing this or what I could use to achieve this another way.
Thanks in advance!

How to solve multiple landing page redirect in Wordpress at once?

I have a WordPress website and want to have it in the form of https://website.com. When I test it on GTmetrix in the form of http://www.website.com, I receive multiple landing page redirects like this:
Avoid landing page redirects for the following chain of redirected URLs.
http://www.website.com/
http://website.com/
https://website.com/
I have set the base domain to the https://website.com format in WordPress, and I have also done many things in the .htaccess file to redirect http to https, but could not solve this issue.
May you help me please?
Without the domain, it is difficult to diagnose (and even then it may be difficult without seeing your .htaccess). Something is obviously redirecting http://www.example.com to http://example.com rather than directly to HTTPS.
You could try looking further up the chain, such as at your domain registrar/DNS provider. If you are behind a proxy like Cloudflare, I'd also be curious if this happens when you add the instance's IP address in your hosts file and try connecting directly - that would at least determine if the issue exists on the host itself or further up the chain.

Mixed content warning but nothing in source

My client has a WordPress site with an SSL certificate. Right now I'm trying to figure out any solution.
The site address is https://illustro.pl
When you enter the front page, you'll get the insecure connection warning.
I've tried to find what causes this with any luck, solutions that have not worked
replace http with https
change all http to https with Mixed Content/Insecure Content SSL
In the process I've also changed all the URLs to HTTPS in the database on sites where there was the need to.
I've inspected the site with multiple developer tools; all of them show the problem at line one.
At this point any suggestion would be appreciated.
Try the below code placing at wp-config.php
define('FORCE_SSL_LOGIN', true);
There could be multiple reasons:
Main reason is currently that your webserver is not sending the full certificate chain (intermediate certificate is missing). That's the current reason why the browser tells you "unknown issuer".
The next reason could be or will be that your certificate doesn't have subject alternative names. Browsers will stop checking for common name in future.

Server Log Showing Many 'Unhandled Exceptions' From URL with &hash=

I've noticed a large increase in the number of events logged daily that have &hash= in the URL. The requested URL is the same every time but the number that follows the &hash= is always different.
I have no idea what the purpose of the &hash= parameter is, so I'm unsure if these attempts are malicious or something else. Can anyone provide insight as to what is being attempted with the requested URL? I have copied in one from a recent log below.
https://www.movinglabor.com:443/moving-services/moving-labor/move-furniture/&du=https:/www.movinglabor.com/moving-services/moving-labor/move.../&hash=AFD3C9508211E3F234B4A265B3EF7E3F
I have been seeing the same thing in IIS on Windows Server 2012 R2. They were mostly HEAD requests. I did see a few other more obvious attack attempts from the same IP address so I'm assuming the du/hash thing is also intended to be malicious.
Here's an example of another attempt which also tries some URL encoding to bypass filters:
part_id=D8DD67F9S8DF79S8D7F9D9D%5C&du=https://www.examplesite.com/page..asp%5C?part...%5C&hash=DA54E35B7D77F7137E|-|0|404_Not_Found
So you may want to look through your IIS logs to see if they are trying other things.
In the end I simply created a blocking rule for it using the URL Rewrite extension for IIS.
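The log review suggested in the answer above can be scripted. This is an added example, not code from either poster: it flags requests carrying the `&du=` ... `&hash=` pattern in an IIS W3C log and lists what else the same client addresses requested. The log lines, IP addresses and the `find_probes` name are constructed for the example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# The shape both logged requests on this page share: "&du=" ... "&hash=" + hex digits.
PROBE = re.compile(r"&du=.*&hash=[0-9a-f]+", re.IGNORECASE)

# Constructed IIS W3C log lines (documentation IPs, example.com); not real traffic.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2024-01-01 10:00:01 HEAD /services/move/&du=https:/www.example.com/services/&hash=AFD3C9508211E3F2 - 203.0.113.7 404
2024-01-01 10:00:05 HEAD /page.asp part_id=D8DD%5C&du=https://www.example.com/page.asp%5C&hash=DA54E35B7D 203.0.113.7 404
2024-01-01 10:00:09 GET /old-page.asp - 203.0.113.7 404
2024-01-01 10:01:00 GET /services/ - 198.51.100.20 200
2024-01-01 10:02:00 GET /search q=hash+tables 198.51.100.21 200
"""

def find_probes(log_text):
    """Return {client_ip: {"probes", "methods", "other"}} for clients sending the pattern."""
    fields, rows = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):      # W3C logs name their own columns
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            row = dict(zip(fields, line.split()))
            # Decode %xx first so percent-encoding cannot hide the pattern.
            target = unquote(row["cs-uri-stem"] + "?" + row["cs-uri-query"])
            rows.append((row, bool(PROBE.search(target))))
    report = defaultdict(lambda: {"probes": 0, "methods": set(), "other": []})
    for row, is_probe in rows:
        if is_probe:
            report[row["c-ip"]]["probes"] += 1
            report[row["c-ip"]]["methods"].add(row["cs-method"])
    # Second pass: everything else the flagged clients asked for.
    for row, is_probe in rows:
        if not is_probe and row["c-ip"] in report:
            report[row["c-ip"]]["other"].append(row["cs-uri-stem"])
    return dict(report)

if __name__ == "__main__":
    print(find_probes(SAMPLE_LOG))
```

The parser reads column positions from the `#Fields:` line, so it needs `cs-method`, `cs-uri-stem`, `cs-uri-query` and `c-ip` to be enabled in the site's logging configuration.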

Redirect loop in ASP.NET app when used in America

I have a bunch of programs written in ASP.NET 3.5 and 4. I can load them fine (I'm in England) and so can my England based colleagues. My American colleagues however are suffering redirect loops when trying to load any of the apps. I have tried myself using Hide My Ass and can consistently recreate this issue.
I'm stumped. What could be causing a redirect loop for users in a specific country?!
The apps are hosted on IIS 6 on a dedicated Windows Server 2003. I have restarted IIS with no luck.
Edit
I should have made it clear that unfortunately I do not have access to the machines in the US to run Firefox Firebug/Fiddler. The message I get in Chrome is "This webpage has a redirect loop."
When you say "a redirect loop", do you mean a redirect as in an HTTP redirect? Or do you mean you have a TCP/IP routing loop?
A TCP/IP loop can be positively identified by performing a ping from one of the affected client boxes. If you get a "TTL expired" or similar message then this is routing and unlikely to be application related.
If you really meant an HTTP redirect, try running Fiddler, or even better, HttpWatch Pro and looking at both the request headers, and the corresponding responses. Even better - try comparing the request/response headers from non-US working client/servers to the failing US counterparts.
You could take a look with Live HTTP Headers in Firefox and see what it's trying to redirect to. It could possibly be trying to redirect to a URL based on the visitor's lang/country, or perhaps the DNS is not fully propagated...
If you want to post the URL, I could give you the redirect trace.
What could be causing a redirect loop for users in a specific country?!
Globalization / localization related code
Geo-IP based actions
Using different base URLs in each country, and then redirecting from one to itself. For example, if you used uk.example.com in the UK, and us.example.com in the US, and had us.example.com redirect accidentally to itself for some reason.
Incorrect redirects on 404 Not Found errors.
Spurious meta redirect tags
Incorrect redirects based on authentication errors
Many other reasons
I have tried myself using Hide My Ass and can consistently recreate this issue.
I have restarted IIS with no luck.
I do not have access to the machines in the US to run Firefox Firebug/Fiddler.
The third statement above doesn't make sense in light of the other two. If you can restart IIS or access the sites with a proxy, then you can run Fiddler, since it's a client-side application. Looking at the generated HTML and corresponding HTTP headers will be the best way to diagnose your problem.
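The header-by-header redirect trace these answers recommend, and the hosts-file check suggested in the WordPress answer earlier on the page, can be done with a short script. This is an added example, not code from any poster: `fetch_hop`, `trace_redirects`, the `connect_ip` parameter and the `FAKE` responses are names and data made up here.

```python
import http.client
import socket
import ssl
from urllib.parse import urljoin, urlsplit

def fetch_hop(url, connect_ip=None, timeout=10):
    """One GET, redirects not followed. Returns (status, Location or None)."""
    # connect_ip stands in for a hosts-file entry: the TCP connection goes to
    # that address while the Host header and TLS SNI keep the name from the URL.
    parts = urlsplit(url)
    port = parts.port or (443 if parts.scheme == "https" else 80)
    sock = socket.create_connection((connect_ip or parts.hostname, port), timeout)
    if parts.scheme == "https":
        sock = ssl.create_default_context().wrap_socket(sock, server_hostname=parts.hostname)
    conn = http.client.HTTPConnection(parts.hostname, port)
    conn.sock = sock  # reuse the socket opened above instead of auto-connecting
    path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    conn.request("GET", path, headers={"Host": parts.netloc})
    resp = conn.getresponse()
    status, location = resp.status, resp.getheader("Location")
    conn.close()
    return status, location

def trace_redirects(url, fetch=fetch_hop, max_hops=10):
    """Follow Location headers by hand. Returns (hops, verdict)."""
    hops, seen = [], set()
    while len(hops) < max_hops:
        if url in seen:
            return hops, "loop back to " + url
        seen.add(url)
        status, location = fetch(url)
        hops.append((status, url))
        if status not in (301, 302, 303, 307, 308) or not location:
            return hops, "final"
        url = urljoin(url, location)  # Location may be relative
    return hops, "gave up after %d hops" % max_hops

# Constructed responses (not taken from any site on this page) so the demo runs offline.
FAKE = {
    "http://www.example.com/": (301, "http://example.com/"),
    "http://example.com/": (301, "https://example.com/"),
    "https://example.com/": (200, None),
    "https://example.com/a.pdf": (302, "/a.pdf"),
}

if __name__ == "__main__":
    for start in ("http://www.example.com/", "https://example.com/a.pdf"):
        print(trace_redirects(start, fetch=FAKE.get))
```

Against a live site, run the trace once with the default `fetch_hop` and once with `functools.partial(fetch_hop, connect_ip=...)` pointing at the origin server's address; if only the first run loops, the redirect is introduced in front of the origin rather than by the application.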
