Copy link to clipboard
Copied
Today, I uploaded a site made in Muse to a Godaddy hosting account (which hosts a number of non-SSL domains, as well as one SSL).
But when I try to open the site in a browser, I get the message "Your connection is not secure" because the URL has changed to https by mistake (e.g. there is not, and should not be, an SSL certificate for this domain).
I talked a long time with a Godaddy supporter who said the problem has to come from Muse: There was installed an SSL-certificate by mistake on the domain today, and he said it had to be because of Muse. He deleted the wrong certificate, but that didn't help.
I told him that, to my knowledge, there are no options at all to choose between http and https in Muse. He replied, that there was no chance that Adobe would have an applicaton without that option.
So could any of you please enlighten me?
Is this a Muse problem or a Godaddy problem?
Another thing: One browser (Safari) did allow me to bypass the warning - but only to show a message like "A new exciting site is coming soon". So the uploaded site didn't even seem to be there. When I check Godaddy's File Manager, all the Muse files are there however, and they all look correct.
Other Muse sites I've uploaded on the same server do not have this problem...
I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.
If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.
Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?
Copy link to clipboard
Copied
I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.
If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.
Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?
Copy link to clipboard
Copied
https://forums.adobe.com/people/G%C3%BCnter+Hei%C3%9Fenb%C3%BCttel wrote
I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.
If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.
Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?
You're a genius, sir! Here's what I was going to post before I saw your reply:
"This was a server issue -- had zero to do with Muse!
If anyone is interested, an .htaccess file was needed in the domain with the following line:
RewriteEngine Off
Otherwise, the domain would be redirected to https, because all domains on that server are by default for some reason."
So you're absolutely spot on -- I wish I had seen your reply before now, but I was one the phone with Godaddy for the longest time!
Copy link to clipboard
Copied
Fine! I start to doubt, that I really don’t know anything about server configurations!
Copy link to clipboard
Copied
https://forums.adobe.com/people/G%C3%BCnter+Hei%C3%9Fenb%C3%BCttel wrote
Fine! I start to doubt, that I really don’t know anything about server configurations!
Don't doubt it, you know everything there is to know!
I had to talk to three Godaddy supporters before I found the solution myself by comparing .htaccess files from domains that worked and the one that didn't...
Copy link to clipboard
Copied
If your server has SSL certs (essential for all sites these days), why on Earth aren't you using it for all domains? Google and browsers now penalize ordinary HTTP sites by marking them as Not Secure.
You have until July to Install SSL or Google will mark your site "Not Secure"
Copy link to clipboard
Copied
https://forums.adobe.com/people/Nancy+OShea wrote
If your server has SSL certs (essential for all sites these days), why on Earth aren't you using it for all domains? Google and browsers now penalize ordinary HTTP sites by marking them as Not Secure.
You have until July to Install SSL or Google will mark your site "Not Secure"
I do use SSL on the most important sites, but they're still pretty expensive for a minor domain.
And I doubt Google's 'Not Secure' branding will have any effect, given the vast amount of decent sites that don't have certs.
It's like GDPR messages, you don't even notice them anymore, it's just spam.
Copy link to clipboard
Copied
I won't lecture you. But I think you're underestimating people's awareness about the need for better web security. Especially since you can get free SSL certs from trusted authorities like Let's Encrypt and Comodo. I think CloudFlare has them too but I've never used their certs.