I am doing some minor changes on my friends website. I noticed something very weird: when address is: https://websitename.com , it leads visitor to totally different website (and in address line is still https://websitename.com address, with notification about bad ssl sertificate), selling some shoes or something. http is still ok.
Site is checked for viruses, computers also, twice, and nothing is found. What could possbly cause this?
Website is hosted on Hostgator.
EDIT: I have to mention that i have address of "wrong" website. When I go to it, it shows empty page, and there is nothing on that domain. Like https://mywebsite.com is pointing to some website that is cached somewhere.
EDIT2: Also, there is a problem with google, he indexed https version of website, and found some links on "wrong" website, and indexed them too. So now, I can google https://mywebsite.com/something/shoe , and that page does not exists on http (giving 404).
i think its a hosting issue. I had similar problem with subdomains, when on one of my subdomains completely different site appeared.
Its due to on 1 server (ip) there are more than 1 domain (shared hosting) and it might be not configured properly. Ask your hosting provider support how they would explain and fix it, as this is obviously big security issue.
Related
This is a peculiar one.
I work for an agency, and we develop WordPress and JAM Stack sites for our clients.
I have been contacted by the IT team for one of the clients (an NGO), and they flagged something that I have not seen before.
NOTE: I am going to be using example.org as the website, to protect the identity of the client.
Basically, we developed a WordPress site for them, which works great and all, but as it turn outs there is a page on the website which points to a totally different website
The example page is as follows
example.org/news/points-to-different-website/
The news page doesn't exist in anywhere on WordPress system, and neither does it exist as a custom post type.
And another thing, I noticed is when I removed the / at the end of the URL, it shows the custom 404 page developed for the website
example.org/news/points-to-different-website
But as soon as you add the /, it shows a totally different website.
I have checked all the Apache configuration files related to the site, and it is just the normal setup for any WordPress site.
So, I am wondering what could be causing this, and how can one prevent it?
That's a strange issue. Does example.org/news/points-to-different-website/ actually redirect to another full URL, i.e. differentwebsite.com, or is the different site actually at example.org/news/points-to-different-website/?
Try
emptying the trash for both pages and posts, as there could be a conflicting slug that is causing a redirect.
Reset permalinks.
Using PHPMyAdmin, search the database for the URL points-to-different-website and see if there is malware or some kind of a redirect, an iFrame, etc.
This can sometimes happen if the server hostname is not set up correctly.
What can happen is website on the server will show in place of a non-existent site or page from another website on the same server.
If you are using a reseller hosting/shared hosting, then the site could be from another account on the server, the site could also be from another server, for example:
There are 2 servers with the hostnames serverone.myserver.com and servertwo.myserver.com... A site on serverone might show in place of a site or page on servertwo.
I just migrated the my website from my old domain to new domain. Its migrated but when I am clicking on something like pages or category its redirecting me to the old site with this error:
The site can't provide a secure connection. shopskart.in sent an invalid response. ERR_SSL_PROTOCOL_ERROR
Screenshot of error message
I also did these changes in wp-conf and wp-options but still I am getting same issue. Someone said its because its forcing site to https due to SSL I had but now I don't have SSL and don't want one right now.
You probably copied the old SSL file to your new site, and it's still active. You should disable it. Also check if there's any setting (in backend or database) pointing to https in stead of http, since you won't be using a secure connection anymore (Why not? You should!). Check the htaccess file as well! If the problem still occurs try clearing your browsercache.
From where i can find the ssl file. Or code. Actually the website was created by my developer and now he refused to give the data when i asked him. So i migraded using wp plugins and dont know where he pasted the ssl certificate.
I have moved my WordPress multisite installation successfully to Azure. My main blog and another that I have moved work fine:
cedarrivermusic.com and
timpurdum.com.
However, my third site, cedarrivertech.com, does not resolve.
ERR_NAME_RESOLUTION_FAILED or Can't Reach errors when using this address.
I can access the dashboard, because this resolves to tech.cedarrivermusic.com, but not the actual site.
I have checked all DNS records, and they are identical for all three.
The web app on Azure verifies all three addresses, as well as *.cedarrivermusic.com.
Not sure whether this is a WP issue or an Azure issue.
EDIT
I "solved" this by going into the WHM panel on the old server, and seeing that I had deleted the DNS zone for cedarrivertech.com. So I recreated the entry on the old server. Which makes absolutely no sense to me, as every ping/dns service I can find shows the new server. I'd still love suggestions on how this is happening from the old DNS zone server.
As mentioned in the edit, deleting a DNS zone in your old (yet active) WHM panel will cause this failure. However, I have also discovered that I can turn off the old server completely, and the new server functions correctly.
EDIT
Actually, turning off the WHM server does eventually cause failure again, so I am in contact with my old host/domain registrar to try to fix this.
I have a website that I'm working on to pass from http to https. A month ago, I've went through all pages on the website and changed the links in the page's content using the Wordpress CMS back-end editor. When I typed https:// in the address, I could see on the console a lot of Mixed Content errors related to links on files that I don't access to, so I passed this all to the back-end guy in my company to deal with.
Today, someone pointed out that the website is still not secure and if you type https:// it will default to http://. I've tried doing this in Chrome, Firefox and Internet Explorer, and them all default back to http://. The person that pointed this problem said that, since we already have the certificate, this should be happening because some part of the website is still not secure.
How can I find where is this issue happening?
You will need to enable the secure site feature from your hosting first the "SLL", but since you mentioned it is already enabled. then you will need to use a plugin to enforce the secure website on all pages, you can try https://wordpress.org/plugins/really-simple-ssl/
I've migrated my Wordpress blog to OpenShift recently. It works perfect until when you try to add a custom domain alias to your installation.
The OpenShift URL for my blog is blog-latifetunc.rhcloud.com
I added the following URL as alias: blog.latifetunc.com
(Sorry I couldn't attach images since I don't have enough reputation points. Instead I put links to images. This is my first question in StackOverflow.)
http://www.alpertunc.com/q1.png
I successfully added the CNAME record for my domain to point blog.latifetunc.com to blog-latifetunc.rhcloud.com in GoDaddy
http://www.alpertunc.com/q2.png
The problem pops up when I try to reach my blog with this alias. It says:
Safari can't verify the identity of the website "blog.latifetunc.com".
The certificate for this website is invalid. You might be connecting to a website that is pretending to be "blog.latifetunc.com", which could put your confidential information at risk. Would you like to connect to the website anyway?
(I can't even post more than two links without 10 reputation points :( So please put the above URL in front of below images as well.)
q3.png
If you click "Continue" it works fine but this alert is very scary for many users. I searched for hours for a solution with no luck. I considered buying a security certificate as well but then I thought this blog was working with an alias in its previous installation too. However we never had such an alert in browser while visiting either via the main domain or the alias.
The previous installation was on IIS and the binding were as following:
q4.png
Then when my brain was about to explode I found out that the alert is due to https. When I checked Settings from my Wordpress dashboard I realised that somehow OpenShift installs Wordpress on https and sets the permalinks to https.
q5.png
In fact whatever you type that points to *.rhcloud.com is converted to https. I know that because I added the CNAME for www.latifetunc.net to point to blog-latifetunc.rhcloud.com as well but didn't add the alias in OpenShift Applications. So www.latifetunc.net resolves to blog-latifetunc.rhcloud.com but since there is no alias defined (hence there is no vhost entry in Apache) it gives error. But even that error is in port 443!
q6.png
My main problem is to get rid of the certificate error while visiting my blog via my alias domain name. I really appreciate any help on that one.
My related question is that why on earth permalinks start with https on OpenShift Wordpress installation? If I can solve that, probably I'll solve my main problem as well.
Thanks a lot!
I checked blog.latifetunc.com on safari,chrome,firefox, and opera and I didn't get any warnings so you much have figured out a solution. However for others who may stumble across this I've provided some information:
By default OpenShift applications accept traffic on both http and https. So if you're wanting to have a custom domain but aren't worried about ssl than you can simply just use the http connection to your application (http://myapp.com). If you are wanting to apply a SSL certificate and you're on one of the plans that allow it (bronze or silver). The documentation to apply it, is in the SSL Section of the OpenShift Online User Guide.