Highlighted

Muse site is not secure -- Godaddy says it's a Muse issue (the site shows https by mistake)

Engaged ,
Aug 08, 2018

Copy link to clipboard

Copied

Today, I uploaded a site made in Muse to a Godaddy hosting account (which hosts a number of non-SSL domains, as well as one SSL).

But when I try to open the site in a browser, I get the message "Your connection is not secure" because the URL has changed to https by mistake (e.g. there is not, and should not be, an SSL certificate for this domain).

I talked a long time with a Godaddy supporter who said the problem has to come from Muse: There was installed an SSL-certificate by mistake on the domain today, and he said it had to be because of Muse. He deleted the wrong certificate, but that didn't help.

I told him that, to my knowledge, there are no options at all to choose between http and https in Muse. He replied, that there was no chance that Adobe would have an applicaton without that option.

So could any of you please enlighten me?

Is this a Muse problem or a Godaddy problem?

Another thing: One browser (Safari) did allow me to bypass the warning - but only to show a message like "A new exciting site is coming soon". So the uploaded site didn't even seem to be there. When I check Godaddy's File Manager, all the Muse files are there however, and they all look correct.

Other Muse sites I've uploaded on the same server do not have this problem...

I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.

If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.

Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?

Views

1.8K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Muse site is not secure -- Godaddy says it's a Muse issue (the site shows https by mistake)

Engaged ,
Aug 08, 2018

Copy link to clipboard

Copied

Today, I uploaded a site made in Muse to a Godaddy hosting account (which hosts a number of non-SSL domains, as well as one SSL).

But when I try to open the site in a browser, I get the message "Your connection is not secure" because the URL has changed to https by mistake (e.g. there is not, and should not be, an SSL certificate for this domain).

I talked a long time with a Godaddy supporter who said the problem has to come from Muse: There was installed an SSL-certificate by mistake on the domain today, and he said it had to be because of Muse. He deleted the wrong certificate, but that didn't help.

I told him that, to my knowledge, there are no options at all to choose between http and https in Muse. He replied, that there was no chance that Adobe would have an applicaton without that option.

So could any of you please enlighten me?

Is this a Muse problem or a Godaddy problem?

Another thing: One browser (Safari) did allow me to bypass the warning - but only to show a message like "A new exciting site is coming soon". So the uploaded site didn't even seem to be there. When I check Godaddy's File Manager, all the Muse files are there however, and they all look correct.

Other Muse sites I've uploaded on the same server do not have this problem...

I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.

If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.

Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?

Views

1.8K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Aug 08, 2018 0
LEGEND ,
Aug 08, 2018

Copy link to clipboard

Copied

I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.

If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.

Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 1
Engaged ,
Aug 08, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/G%C3%BCnter+Hei%C3%9Fenb%C3%BCttel  wrote

I think(!), this is not a Muse issue. Muse normally has nothing to do with secure/unsecured sites.

If there is a SSL certificate installed and the site now is https instead of http, you have to redirect the http site to the https site. This has to happen on server-side by adding a redirect command into the “.htaccess“ file.

Is it possible, that the certificate has been withdrawn, but the htaccess entry already exists?

You're a genius, sir! Here's what I was going to post before I saw your reply:

"This was a server issue -- had zero to do with Muse!

If anyone is interested, an .htaccess file was needed in the domain with the following line:

RewriteEngine Off

Otherwise, the domain would be redirected to https, because all domains on that server are by default for some reason."

So you're absolutely spot on -- I wish I had seen your reply before now, but I was one the phone with Godaddy for the longest time!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 0
LEGEND ,
Aug 08, 2018

Copy link to clipboard

Copied

Fine! I start to doubt, that I really don’t know anything about server configurations!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 0
Engaged ,
Aug 08, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/G%C3%BCnter+Hei%C3%9Fenb%C3%BCttel  wrote

Fine! I start to doubt, that I really don’t know anything about server configurations!

Don't doubt it, you know everything there is to know!

I had to talk to three Godaddy supporters before I found the solution myself by comparing .htaccess files from domains that worked and the one that didn't...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 1
Adobe Community Professional ,
Aug 08, 2018

Copy link to clipboard

Copied

If your server has SSL certs (essential for all sites these days), why on Earth aren't you using it for all domains?   Google and browsers now penalize ordinary HTTP sites by marking them as Not Secure.

You have until July to Install SSL or Google will mark your site "Not Secure"

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 0
Engaged ,
Aug 08, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/Nancy+OShea  wrote

If your server has SSL certs (essential for all sites these days), why on Earth aren't you using it for all domains?   Google and browsers now penalize ordinary HTTP sites by marking them as Not Secure.

You have until July to Install SSL or Google will mark your site "Not Secure"

I do use SSL on the most important sites, but they're still pretty expensive for a minor domain.

And I doubt Google's 'Not Secure' branding will have any effect, given the vast amount of decent sites that don't have certs.

It's like GDPR messages, you don't even notice them anymore, it's just spam.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 0
Adobe Community Professional ,
Aug 08, 2018

Copy link to clipboard

Copied

I won't lecture you.  But I think you're underestimating people's awareness about the need for better web security.  Especially since you can get  free SSL certs from trusted authorities like  Let's Encrypt and Comodo.   I think CloudFlare has them too but I've never used their certs.

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Aug 08, 2018 1