Dynadot

information Check Your Domains if Parking/Redirecting - Domains without SSL Won't Load

Spaceship Spaceship
Watch
A lot of web browsers are checking for SSL (https) now, and a lot of parked domains are now giving browser errors. If there's a browser error, the traffic won't go forward, it won't redirect, and the parking page won't display.

Check your domains, because this is probably going to be one of the reasons why your parking revenue is down.

Some registrars automatically set up SSL on every domain if you redirect from the registrar. BUT there are a lot who don't.
 
14
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Can anyone please chime in for above.com? Are they handling this correctly?
They handle this in a strange way. Https links that are visited directly work well, but they end up redirecting to an unsecured http page with ads. But it works.

I also realize that with these domain parking solutions, there might be various settings for the user to be made where traffic is ultimately directed, so this (the part after redirection) may be different with other customer settings.
 
Last edited:
7
•••
Can anyone please chime in for above.com? Are they handling this correctly?
with the 15% commission rule less people use above
 
6
•••
with the 15% commission rule less people use above
I should have specified above.com as a parking rotator, not a sales platform.

More specifically, would it be a good idea to use Bodis directly and bypass Above completely?
 
Last edited:
1
•••
I should have specified above.com as a parking rotator, not a sales platform.
15% qualification rule requires you to use one of gd dns (afternic, dan etc)
 
Last edited:
1
•••
More specifically, would it be a good idea to use Bodis directly and bypass Above completely?
Hi

guess that depends on how productive the rotator is working for each of your domains and what other ppc platforms are being used.

if you got time, perform a few tests to check for differences.

imo...
 
2
•••
Can anyone please chime in for above.com? Are they handling this correctly?
You'll know if your domains actually load a landing page and you're not getting an SSL error.

Make sure you check this with some older web browsers, as well, as I've noticed that some browsers (such as latest version of Firefox, Chrome, etc.) it's fine but if you use an older web browser there are SSL errors and the page won't load.
 
7
•••
You'll know if your domains actually load a landing page and you're not getting an SSL error.

Make sure you check this with some older web browsers, as well, as I've noticed that some browsers (such as latest version of Firefox, Chrome, etc.) it's fine but if you use an older web browser there are SSL errors and the page won't load.
This probably has to do with outdated cipher suites, or outdated TLS version, in those browsers.

It's a negotiation between cipher suites defined on the webserver and cipher suites defined in the browser.

Webservers may decide to not serve older cipher suites or TLS versions, because they are less secure, for example.

Outdated root certificates defined in those browsers may also be the problem.

At some point it is simply impossible to properly support all older browsers.
 
Last edited:
8
•••
I just started seeing this SSL issue in the past week and never ran across it before that ... seems that some registrars are handling the SSL for the domains but where I have mine that I needed to forward do not. After alot of back and forth ... it appears my only options are using Cloudflare, setting up a hosting account and putting in bulk domains or finding a new registrar that does offer this SSL service and moving all my domains there. No good options. This is a serious issue for any domain investor that forwards domains to ppc or parking pages as it\s going to get blocked ... mean traffic is worthless, lost ppc revenue and parking as well as cause trust issues with visitors not familiar. ALL registrars should make sure to offer this solution on their end ... we spend a fortune with them and I can't imagine it's a major effort or expense for them to do.
 
8
•••
8
•••
The issue of parking landers showing Non-Secure in the address bar is an easy fix for the engineers/programmers at all of these registrars. They don't care enough to fix it. They don't care if it hurts them and the domain owner. We'll probably talk about it today on Talking Domains.
 
6
•••
1
•••
Thanks Todd ... it should make for an interesting discussion since this issue really hasn't been noticed by most nor the massive losses it presents to us already and even more if these registrars and parking companies if they don't take action to fix this.
 
7
•••
My Afternic rep just sent me an email saying this about NS1 NS2 landers:
"They show ‘Non-Secure’ because of the SSL certificate creation process. The parking team is working to have those updated later this year."
 
9
•••
My Afternic rep just sent me an email saying this about NS1 NS2 landers:
"They show ‘Non-Secure’ because of the SSL certificate creation process. The parking team is working to have those updated later this year."
It's truly unbelievable. There is so much knowledge available within the company, but departments don't seem to be using each other's expertise. This can be improved.



https://www.godaddy.com/web-security/ssl-certificate

1677187798774.png



https://certs.godaddy.com/repository
 
Last edited:
8
•••
Let's not forget, they actually penalise you (GD) if your bypass their crappy handling of SSL (dns) by charging you a higher commission on your sales. A sale that would never ever happen if it wasn't for YOU NOT USING their dns because your lead would get blocked.

Sad but true. Get your shit together GD!
 
10
•••
If you aren't using their landers and your sales comes directly from your lander, there is zero commission.
 
8
•••
It's truly unbelievable. There is so much knowledge available within the company, but departments don't seem to be using each other's expertise. This can be improved.

It's actually quite easy to implement and I would categorise this as intern level of knowledge.

But yes, there's the irony of them acquiring Dan who flawlessly tackled the issue... Years ago.
 
Last edited:
7
•••
As for registrars, from those I checked, GoDaddy and NameSilo do not have auto SSL. Dynadot and Porkbun do have auto SSL.
Thanks for all the technical discussion that has been ongoing. These are important matters to add to a consideration of which registrars to use.

Do Namecheap and Epik have the auto-SSLl?
 
0
•••
Do Namecheap and Epik have the auto-SSLl?
Unsure about namecheap (I'm not a customer), Epik I think has it. Using Epik for any purpose is too risky at this time though.
In any case, we are speaking about very specific case: registrar-based web forwarding. Any other usage type, such as assigning sedo (bodis, dan, parkingcrew etc.) nameservers makes this feature irrelevant, as the service provider such as sedo would be responsible for SSL certificates.
 
Last edited:
3
•••
As Bill Hartzer said "Some registrars automatically set up SSL on every domain if you redirect from the registrar. BUT there are a lot who don't."

This is as big or a bigger issue as our empty vessal domains are apparently required to have SSLs applied to them as well in all instances I've been told. I only found this out when I was doing 302 forwarding to secure sites as I did for ages and when I checked I was getting the nonsecure warning page saying "go back". Meaning most people would never make it to the destination pages. I use 2 different registrars primarily and after literally hours on hold and trying to explain the issue to the tech people they weren't even aware of whats turning out to be a common issue.

Only one tech person knew anything about it but the registrar didn't automatically put SSL on registered domains nor had plans to do that. I was told my only option for ALL the domains if I wanted the forwarding to work was to create a cloudflare account and run the domains through that or create a hosting account and apply SSL across the domains there ... then forward each domain to wherever.

Lots of jumping through hoops for a service our registrars should, can and in some cases do offer ... it's not a difficult thing to do from what I've learned from dealing with this. They should care as we and in cases them are losing PPC rev, traffic, domain sales etc. I hope that others see the seriousness of this issue and let their registrars know as I'm doing so maybe we can get this fixed. If people remain silent nothing is going to be done.

Btw ... if anyone didn't see ABS's post about his discussion with Godaddy ... he was told they know of the issues, they will be addressed BUT not until MUCH later this year. Totally unacceptable especially from the 800lb Gorilla of domain registrars to not make this a priority.

Sorry ... rant over. Good luck folks
 
5
•••
Btw ... if anyone didn't see ABS's post about his discussion with Godaddy ... he was told they know of the issues, they will be addressed BUT not until MUCH later this year. Totally unacceptable especially from the 800lb Gorilla of domain registrars to not make this a priority.
For a $12 Billion company, might onehope for faster implementation?

Realistically, perhaps they have their hands full addressing the recent hacking issues. Maybe more time is needed for a thorough reassessment of security improvements beneficial for both the company and customers?
 
Last edited:
0
•••
I have post in other thread that some of my parked domains show temporary or permanent errors, have found out that some registrars adds their own A records to the domain, after removing them the domain loads fine, will test further. It is possible the A records are added if you forwarded the domain prior to parking it.
Also make sure to remove any DNSSEC they also can cause verification problems, when listing domains at Dan.
 
0
•••
Cloudflare is useful for SSL. LetsEncrypt also issues free SSL certs (renewable after 3 months). I used Above.com in the past, but ever since my Bodis account was canceled, I stopped using Above.com for parking, I can't remember if their parked pages were SSL-enabled or not.
 
Last edited:
0
•••
It's almost 1-2 years not loading even url forwarding .
 
0
•••
I have post in other thread that some of my parked domains show temporary or permanent errors, have found out that some registrars adds their own A records to the domain, after removing them the domain loads fine, will test further. It is possible the A records are added if you forwarded the domain prior to parking it.
Also make sure to remove any DNSSEC they also can cause verification problems, when listing domains at Dan.
Thanks for the insight. All the more reason that it may be best, at least in some cases, to have full control of the DNS?
 
0
•••
Back