-1

I set up my domain on heroku/cloudflare. In my heroku settings, my domain is listed as www.my-domain.example. While testing and iterating on configuration, I removed the other entry I had previously added for my-domain.example with its own DNS target from heroku.

On cloudflare, I have two DNS records. One is _domainconnect since my domain is on Godaddy but is pointed at Cloudflare's DNS. The other is this:

CNAME    www    <the DNS target provided by heroku for www.my-domain.example>

I expected my-domain.example to not work, but it does work. It just redirects to www.my-domain.example.

Why is that happening? It's doing the right thing, but I want to understand it so I am better able to handle future issues.

Edit: Wait, it's different from one browser to the next.

In Chrome www is secure and naked redirects to www.
In Safari both www and naked domain are marked "Not Secure".
In Edge, naked domain doesn't load at all while www is Secure. But once I've loaded www, naked redirects to www.
In firefox neither one loads at all.

What is going on?

I added the naked domain back into the heroku list and made a CNAME entry for it on cloudflare, and now edge and firefox work. Safari still marks the site Not Secure both ways. I'm rather confused.

Patrick Mevzek
  • 9,921
  • 7
  • 32
  • 43
temporary_user_name
  • 121
  • 5
  • 1
    Tell uss the domain so we can poke it to see what's *actually* configured. – vidarlo Apr 17 '23 at 05:40
  • 2
    A browser saying "not secure" does not denote a name resolution (DNS) problem. The issue is probably not at IP/TCP level. The browser reacts that way if it can't connect to port 443 (for HTTPS) or if it can but got back some kind of invalid TLS handshake or broken certificate (in 99.999999% of cases: the certificate does not contain the name of the website being queried) – Patrick Mevzek Jul 17 '23 at 18:05

1 Answers1

0

I don't know what you've configured, but your DNS servers reply fine for both cardtavern.com. and www.cardtavern.com:

[~]$ dig cardtavern.com +short
172.67.148.182
104.21.29.91
[~]$ dig www.cardtavern.com +short
172.67.148.182
104.21.29.91

Cloudflare happily serves content at both http and https, with and without www.

vidarlo
  • 6,654
  • 2
  • 18
  • 31
  • Hmm! Thank you for checking. I'm not sure why Safari still marks it Not Secure then. – temporary_user_name Apr 17 '23 at 05:44
  • You should probably try to understand *what* makes browsers do that. – vidarlo Apr 17 '23 at 05:46
  • Yeah I mean I've looked through some resources [like this one](https://support.apple.com/en-us/HT208672) but I'm not really putting 2 and 2 together as to why it's secure in every other browser. And I can't find a way to get Safari to give me meaningful details specific to my site. – temporary_user_name Apr 17 '23 at 07:06
  • OH if I force https by typing it out then it's secure. It's just that safari for some reason is the only browser not automatically doing that....I thought I had cloudflare configured to do that anyway Okay sorry rubber ducking here now. I guess I need to figure out how to force http to redirect to https. – temporary_user_name Apr 17 '23 at 07:09
  • I'm all set. I had to just flip a toggle on cloudflare. By the way, could I ask you to remove my domain from the answer now? Just replace with `example.com` if you don't mind, I would appreciate it. – temporary_user_name Apr 17 '23 at 07:18
  • "By the way, could I ask you to remove my domain from the answer now? " Why? Domain names are public, and questions (or answers) without specific names and details are soon often close to worthless. Remember that the point of this website is NOT just to answer your very specific problem and then see you leave, but also to build a Q&A Library of problems and solutions for future readers... – Patrick Mevzek Jul 17 '23 at 18:06
  • Okay, but my specific domain isn't a detail that's helpful to future readers. The answer is the same with example.com as with mydomain.com. – temporary_user_name Jul 17 '23 at 19:31