Pointer domains on sites with SSL no longer work

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.
Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum.
You must sign in to post in the forums.
10/14/2024 10:26:42 AM
Eric Stoffers
Gravatar
Total Posts 227
View Posts
Community Expert
Gold Partner

Pointer domains on sites with SSL no longer work

In MP version 2.9.0.1 if you have a primary domain setup with SSL (such as www.mysite.com) other pointer domains don't work such as www.pointerdomain.com or pointerdomain.com. The pointers will error out because there's no SSL on the pointer domains and Mojor isn't switching traffic to the preferred domain. It used to be that the preferrerd domain setting would route users over to the correct domain that has SSL. It's not doing that now (I've checked multiple installs and multiple sites, all pointer domains error out)

10/22/2024 1:42:28 PM
Joe Davis
Gravatar
Total Posts 2247
View Posts

Re: Pointer domains on sites with SSL no longer work

Hi Eric,

I'm looking at this. I don't remember mojo behaving that way, but I wouldn't doubt it. 

Can you confirm you do not have HSTS enabled on the site in IIS? I would suggest you do have HSTS enabled but, if you do, I don't think there's any way to have mojo handle this the way you're describing.

Basically, you want it to redirect to the preferred domain at the same time it redirects to SSL, right?

Thanks,
Joe

10/22/2024 2:14:26 PM
Eric Stoffers
Gravatar
Total Posts 227
View Posts
Community Expert
Gold Partner

Re: Pointer domains on sites with SSL no longer work

Hello. HSTS isn't enabled.

The redirects have always worked before the latest version. That's the whole point to allowing multiple domains in Mojo and the preferred domain. I'd think. Otherwise why even have those options if mojo will only accept one domain? Something changed. I have 50+ pointer domains that have all stopped working. Multiple pointer domains is a fairly common need.

Here's a working example of an older CMS install (v 2.7.0.0):
This non-SSL (http://www.versascreengutterprotection.com) domain redirects to the preferred SSL domain: https://www.edgemeltsystems.com

Another example in a v2.7.0.2 install:
http://www.gsbservicesllc.com points to https://www.mysheetmetalguy.com

Any new CMS installs such as 2.9.0.1 do not work. I'm not sure v2.9.0.0. Worked or exactly what latest version it stopped working, but I think it's the latest one since the last time I set up a pointer domain it worked fine. I'm just noticing it in this latest version.

I hope this provides a hint.

12/21/2024 4:46:46 PM
Eric Stoffers
Gravatar
Total Posts 227
View Posts
Community Expert
Gold Partner

Re: Pointer domains on sites with SSL no longer work

Any update to this by chance? This broke so much, every pointer domain pointing to a mojo site no longer works. I have dozens of client pointer domains not working since the latest update and they worked for years before. It just brings up an error page page now because mojo is trying to serve the pointers as HTTPS instead of first redirecting to the primary domain like it used to do.

Maybe there's an order of checking that changed? Say checking SSL before doing a primary domain check/redirect. It should check the primary domain first.

I believe the problem was introduced when the setting for "require all pages to be SSL" was removed.

 

Unless Mojo have another way to handle pointer domains? This is a super common need for websites.

12/23/2024 10:20:24 AM
Joe Davis
Gravatar
Total Posts 2247
View Posts

Re: Pointer domains on sites with SSL no longer work

We're looking at supporting your scenario. What changed was that if SSL is enabled, it is always enabled, everywhere, for every request. This is the best security possible. It's also best for SEO. Any fix will need to circumvent that to some extent so it will be an option that you will need to enable in web.config.

What we always do is use Let's Encrypt (Certify the Web on Windows is awesome) to create a certificate with all of the domains. This ensures all requests for all legitimate domains on the site are secured.

Edited to add: browsers always try https first and then, if no connection can be made to a domain via https, they'll try http. Having all domains included on one or multiple certificates is the best way to handle this scenario.

Thanks,
Joe

12/23/2024 11:47:49 AM
Eric Stoffers
Gravatar
Total Posts 227
View Posts
Community Expert
Gold Partner

Re: Pointer domains on sites with SSL no longer work

I agree the whole site should be SSL, I was just saying around the time that change was made is when all the pointer domains stopped working. I thought maybe that would give a hint as to what changed. I also had my sites have all pages as SSL since it was an option many years back. A primary domain is always set so there's one canonical, any other domains are just pointers. This is a common need I would think.

The problem is I have like 400+ domains and few hundred websites. SSL renewals is already a major pain and things like Cloudfare don't work with Mojo to just secure everything. Probably something with session state or...I have no idea really.

I can probably do something with web.config rewrites, I just know mojo used to handle pointers and I hate doing manual edits in the web.config unless I have to.

 

No worries. I appreciate anything you guys can do. I actually have a list of little bugs and issues and also features 3rd parties would be willing to pay for to have added. I'm sure you are busy, but if you ever need more to do please reach out. That IP restriction by user account login for example I have a client willing to pay for that. I'll try and post some of the latest bugs to the forums so you have them.

1/3/2025 5:13:05 PM
Elijah Fowler
Gravatar
Total Posts 93
View Posts

mojoPortal Hosting & Design @ i7MEDIA!

Re: Pointer domains on sites with SSL no longer work

Eric,

Mojo has been updated to consolidate the SSL and preferred hostname redirects and it should fix your issue. The changes are in the GitHub repository and will be in the upcoming release.

Please note that going to a URL without SSL in a private window will show an error matter what (it's a browser thing), but everything works as intended in normal mode.

Thanks,
Elijah

1/4/2025 9:31:01 AM
Eric Stoffers
Gravatar
Total Posts 227
View Posts
Community Expert
Gold Partner

Re: Pointer domains on sites with SSL no longer work

That's awesome news! Thank you.

You must sign in to post in the forums.