Google Chrome update makes HTTPS the default for incomplete URLs

[Hypersot]

I know most of you probably know this but still:

https://www.techradar.com/news/google-chrome-is-making-https-the-default-for-incomplete-urls

I can't even imagine the impact this will have onto parking if there are no steps taken from the parking services to implement certificates to as many domains as possible.

 

[matt_bodis]

You can read about our existing SSL support here: https://www.bodis.com/blog/ssl-supported-on-over-6m-host-names

Once we support a) and b) we should be covered. So likely quite soon considering how imminent this issue is.

 

[Dynadot]

It is unfortunate. What do they mean by "if the HTTPS URL is available"? If the server listens on httpS port, but does not serve the particular domain via httpS - what will happen? I mean what will really happen, as today such a request will produce "certificate mismatch" error (default certificate of the server itself will be served instead). Or, if the server does not respond on https port at all - what will happen? This is the case with most domain forwarding services we use, such as those provideded by @namesilo or @Dynadot if I am not mistaken. Does @namesilo and @Dynadot have plans to implement https by default for domain forwarding?

Thank you for tagging us, at this time we automatically apply free SSL certificates to domains using our Domain Forwarding, Stealth Forwarding, 'For Sale' Landing Pages, Email Hosting and Website Builder services. Free SSL certificates are also available by request for domains using our Custom DNS service.

At this time we don't offer the free certificate for domains using Dynadot Parking, unfortunately, however I have escalated this to our team for further investigation into whether the free SSL certificate can be extended to domains using our parking service.

 

[Hypersot]

Bodis, PC, etc. they all know what's coming.

My post was more for the forum readers to know as well in case thy didn't know already.

Talking about present time,
I can't even count the times I follow links (when I do research for parking) that end up in 'not secure' blank parked pages because there is no certificate on.

The problem is already here but, with the Chrome update coming, the problem will reach epic proportions if nothing will be done.

 

[Sutruk]

From Chromium Blog:

A safer default for navigation: HTTPS

https://blog.chromium.org/2021/03/a-safer-default-for-navigation-https.html


"For sites that don’t yet support HTTPS, Chrome will fall back to HTTP when the HTTPS attempt fails (including when there are certificate errors, such as name mismatch or untrusted self-signed certificate, or connection errors, such as DNS resolution failure)."

 

[privatereg]

As far as I know, only Bodis supports HTTPS for all of their domains and that was just recently implemented. From what I can see, they don't actually create a certificate for a domain name until they get a back link that references the https parked page. Until then, it stays as http only. My understanding on Parking Crew is they don't do it for all their domains - only certain ones. I don't know about the other parking companies.

 

[privatereg]

maybe it's good to ask bodis if we can expect rev declines from all this @matt_bodis

I'm checking with Bodis. I'll let you know what they say....

 

[privatereg]

I'm checking with Bodis. I'll let you know what they say....

This is Bodis response "....the developers are working on it tomorrow. We should have it rolled out, at the latest by end of next week."

 

[Reallybigidea.com]

Why do you use Chrome?

Checkout this https://mobile.twitter.com/DuckDuckGo/status/1371509053613084679

 

[alcy]

I know most of you probably know this but still:

https://www.techradar.com/news/google-chrome-is-making-https-the-default-for-incomplete-urls

I can't even imagine the impact this will have onto parking if there are no steps taken from the parking services to implement certificates to as many domains as possible.

u mean the impact its already having now or what? do we tag bodis?

 

[alcy]

I'm not sure what you are asking. Did you read the article? it appears Chrome 90+ will have that implemented.

sorry my bad.. I misread your post to be in present time..prolly cause of title..my bad

well..do we tag bodis anyway or just wait for our rev to decline in future and ask then?

 

[Hypersot]

well yer the park pro not me..so u prolly know best if bodis..PC.. have the certificates or not..

for instance I remember when I once was on Parkcrew... even if ads did not show...due to.blocker or what not...the sale banner still did..

I wish bodis worked this way..but it doesnt

You are correct.
What shows up is completely up to the visitor's setup.

For example,
I use Kaspersky. That AV -more often than not- completely blocks any non https pages and shows a 'not secure page' message on a blank page.
Other AVs keep the sales lander showing but don't show anything else
etc.etc.

 

[Hypersot]

I don't see why some people think it's not a good idea to force people to switch to https.
Too bad for domainers using parking companies that don't care about it but it's the way it is.
No https = No visitor. It's not that difficult to create an SSL certificate..
(Plus, parking the way it was shouldn't exist anymore, uBlock/adblock will kill these)

You imply that domainers have a choice on the matter.

Besides Bodis who -afaik- is in their plans to add certificates on all parked domains with them, which other parking company offers SSL on ALL parked domains that you know of?

 

[Hypersot]

As far as I know, only Bodis supports HTTPS for all of their domains and that was just recently implemented. From what I can see, they don't actually create a certificate for a domain name until they get a back link that references the https parked page. Until then, it stays as http only. My understanding on Parking Crew is they don't do it for all their domains - only certain ones. I don't know about the other parking companies.

Bodis provide limited https support. As per Bodis support:
"We currently have a limit of 5-7 SSL certs per domain name, including www and the root."

ParkingCrew provide certificates only for domains they judge to be worthy (ie. high earners or high traffic)

 

[alcy]

maybe it's good to ask bodis if we can expect rev declines from all this @matt_bodis

 

[matt_bodis]

Hi Hypersot,

We have an unusually large queue of domains today, hence why. It should catch up eventually. If it still hasn't caught up in 24 hrs please let us know.

Typically though it'd be a few minutes.

We've made some improvements but the next step will be DNS wild card / resolving without the first visit. We're working on this.

 

[Hypersot]

@matt_bodis
4 days and still nothing. I can't imagine how much traffic is lost if this happens on other domains too.

Will DM you.

 

[matt_bodis]

It def works, we now resolve HTTPS on over 9M domains.

There's various levels of integrations.

The next step is DNS which probably will solve most these issues.

Sorry for the inconvenience.

We'll announce DNS soon.

 

[Hypersot]

u mean the impact its already having now or what? do we tag bodis?

I'm not sure what you are asking. Did you read the article? it appears Chrome 90+ will have that implemented.

Just in case I didn't understand your question:
if you try and visit a parked domain using https (either via direct visit or via a backlink) and the domain does not have any certificate on then you'll get a blank page, ie. no lander, no chance for the visitor to click ads, etc.

 

[tonyk2000]

It is unfortunate. What do they mean by "if the HTTPS URL is available"? If the server listens on httpS port, but does not serve the particular domain via httpS - what will happen? I mean what will really happen, as today such a request will produce "certificate mismatch" error (default certificate of the server itself will be served instead). Or, if the server does not respond on https port at all - what will happen? This is the case with most domain forwarding services we use, such as those provideded by @namesilo or @Dynadot if I am not mistaken. Does @namesilo and @Dynadot have plans to implement https by default for domain forwarding?

 

[alcy]

well yer the park pro not me..so u prolly know best if bodis..PC.. have the certificates or not..

for instance I remember when I once was on Parkcrew... even if ads did not show...due to.blocker or what not...the sale banner still did..

I wish bodis worked this way..but it doesnt

 

[Gube]

I don't see why some people think it's not a good idea to force people to switch to https.
Too bad for domainers using parking companies that don't care about it but it's the way it is.
No https = No visitor. It's not that difficult to create an SSL certificate..
(Plus, parking the way it was shouldn't exist anymore, uBlock/adblock will kill these)

 

[alcy]

You imply that domainers have a choice on the matter.

Besides Bodis who -afaik- is in their plans to add certificates on all parked domains with them, which other parking company offers SSL on ALL parked domains that you know of?

phew..so we will be alright with bodis...good to know..

 

[Gube]

You imply that domainers have a choice on the matter.

Besides Bodis who -afaik- is in their plans to add certificates on all parked domains with them, which other parking company offers SSL on ALL parked domains that you know of?

If there is a demand for it, it will likely end up happening
But I don't think the demand for PPC parking is that high though

 

[tonyk2000]

I just checked, Dynadot generates SSL certs for domains using their FORSALE lander (which is in fact 302 forwarding, it works both for http and https). A good sign. Unsure about routine domainforwarding, as I do not have any "forwarded" Dynadot domains.
NameSilo does not have https, any https connections to forwarded domains are timed out. So, in the best case, chrome users will see a delay before being forwarded...