SSL certificate not covering my site when www is used
-
I have a custom domain and have set it to use WordPress.com nameservers. The site has an SSL applied through WordPress, but there is a security warning coming up when using www in the URL.
The blog I need help with is: (visible only to logged in users)
-
-
That may be, but that memo was missed by a large portion of the global population who think that a website URL starts with www. For those visitors, I’d like them to be redirected to collinstreeservices.co.uk, not served a scary security alert.
-
I don’t think many people refer to the “world wide web” these days. Make sure your business paperwork just says collinstreeservices.co.uk or https://collinstreeservices.co.uk/ if you must be technical (but browsers will add the https automatically)
-
You can find more details about what @staartmees refers to by checking the www Versus non-www Domains support post.
I tested your domain by using www and it automatically redirects it to the non-www domain name using SSL correctly.
-
Hello there, @keirmcg!
I’ve checked your domain, collinstreeservices.co.uk, and noticed that the SSL wasn’t initiated for the www subdomain, which is why you weren’t seeing the SSL for that.
I’ve now gone ahead and provisioned the SSL for the www subdomain as well. If you still notice any issues, try clearing your browser cache and check again.
Regarding the redirection to www you mentioned in your previous reply, this is exactly how WordPress.com servers work. Search engines prefer having a single version of a site’s address set as the canonical URL for SEO purposes to avoid duplicate content issues. On WordPress.com, the non-www version is set as the canonical URL. While visitors can still access your site using www, it will automatically redirect to the non-www version. You can refer to this guide to learn more about that.
I hope this clarifies everything for you! Let me know if you have any other questions.
-
Thanks for making that change @tanjidrahat. Yes, I’m fine with the redirect working in this way and understand that search engine’s prefer a “single version” of the site to avoid duplicate content issues. I made the DNS change last week and had been having mixed results in different browsers but the security warning was present in more than one.
Thanks for all the other replies, but I know that a lot of internet users (who probably don’t hang around on WordPress forums) still consider all URLs to start with www. So just dismissing this and telling businesses to update their materials isn’t the answer. Having the cert provisioned for the www subdomain is the optimal solution. -
Well THAT is a hugely INCORRECT assumption for a giant like http://www.WORDPRESS.com to “make” as I too, OFTEN use the www. prefix, ESPECIALLY when trying to “search the likes of Google, for a “basic” TLD/URL via he www prefix, such as when doing a BING search for anything to do with (oh for example) http://www.WORDPRESS.com ????
My own BANK uses “both” methods, as it KNOWS that many of it’s elderly (and some of the younger) clients, still have a mindset of www. BEFORE any website name.
Plus ALL http:// websites START with the basic www. prefix.
So is there any way to simply “INCLUDE that subdomain “anyway” onto any PAID PLAN, where previously a website was ADVERTISED (sometimes for many years) BEFORE it was “transferred” across to WordPress, on a PAID plan?
Not allowing that as an automatically added prefix, instead of http://
which (to my way of 71years plus of USING and thus forever thinking) – is ALREADY a prefix to MANY of my own websites – being some 16 or 17 “hosted elsewhere” standard http:// website namespaces, & other HOSTED https:// websites where http://www. HAS TO BE PUT in front of the URL…
Thus I can understand @keirmcg having that issue, when MANY of his own clients, have that www. imbedded into their thinking… -
p.s: Being UNABLE to edit one’s question/suggestion after hitting ente (?) Is also a HUGE problem for those with dizlek, disslech – diss (oh stuff it), “I can’t spell words correctly” and NEED to go and edit them properly, on;y to find – NO edit function – just a “make a reply” so the reply (which is a carry on) is ths:
The NEXT problem I am having now, after over almost 50 years on the intrenet (from the very beginning, in the 1980’s when DOS was the only “computer” language used) is the NEW useless thing that all BROWSERS also assume, and that’s the idiotic method of ADDING that also useless S when the http:// has been selected… OR when JUST the www. has been used (deliberately)… so it isn’t just a WordPressed problem either, but having wordpress IGNORE when a browser is actively LOOKING for the www prefix, not making it auto jump to the domain name itself, makes life OUTSIDE extremel difficult for the elderly and for those with spelling and or “other language” problens, using www to get them where they ACTUALLY want to go ..?
AND YES – you are now STUCK with my dislexick spailung mistakes. -
Hello @quix4u, thank you for following up and I understand your concern. However, because search engines like Google prefer one version of the site address as the canonical URL. Two URLs (the www and non-www versions) would appear as duplicate content, thus penalizing your site in search engine rankings. WordPress.com has made the decision to go with the non-www version as it is the more modern option. We appreciate that this may not be everyone’s preferred choice, but it is what WordPress.com has gone with. More details on this decision can be found here.
As mentioned, the www. subdomain will still work and load your site so it can still be used in any promotional or advertising materials, but the browser will just display the non-www. version of the domain. -
I understand what you are trying to say @staff-mikewp – however there seems to be something MISSING in the way you have think the set up works, to what it actually CAN be setup as.
I set up in my (own transferred in) Domain Name ‘s DNS settings in WordPress.com
As TWO (or was it more than two) conical names, or as everyone calls them = Cname
With not only the @ Cname
But as a secondary Cname with www
&
I also created yet another Cname as *(my domain name), which means ANY subdirectory, is seen as a wildcard and thus also goes directly to my main (master) homepage, as if it was JUST the domain name itself.
Thus as soon as someone types the www.
It (automatically) disappears and is replaced in the browser – with JUST the registered domain name.
Check this out
https://wordpress.com/support/domains/custom-dns/view-or-restore-default-dns-records/#default-a-records
Then look at what my own records show
(p.s: I have [REDACTED] only my “own registered domain name”)- Domains
- [REDACTED]
- DNS records
DNS records are special settings that change how your domain works. They let you connect to third-party services, like an email provider. Learn more.
Type
Name
Value
A
@
Handled by WordPress.com. Learn more.
TXT
titan1._domainkey
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCHn5zJk6D2y+bsnTMztwXc+9dJL1ZQWsL+3aGN1HOO5uyOJc8ONPLzIv31b/UzYGkqO9Q6GP5WZS9tocgznGZ83+OB+SJ0O1z97GK8W1IAnLK7K4H/9JiPwxmRXKJiFvos57VGvxDfHHaGFkiZ8NClQrRHvr+kCDOVnND5Yc3U5QIDAQAB
CNAME
www
[REDACTED]
CNAME
*
[REDACTED].wordpress.com
TXT
@
v=spf1 include:spf.titan.email ~all
MX
@
mx1.titan.email with priority 10
MX
@
mx2.titan.email with priority 20
TXT
_domainconnect
public-api.wordpress.com/rest/v1.3/domain-connect
-
-
?
Why is there absolutely NO WAY to edit comments when made (if a mistake is seen after adding, that cannot then be deleted or edited out?
Seems a cruddy way of forcing idiots like myself to never comment again?
As I seldom proof-read until after I spot my mistakes, when I go back straight away to correct failed proof readings, or to correct typo errors?
The ONLY options I can find AFTER the “add reply” button is pressed, is useless, as if I NEED to edit something (that I didn’t want linked) why on earth would I want the ONLY option where the normal additional three dots are showing as *** {{COPY LINK}} ???
And, that the ONLY delete function is PLACED inside the active reply area where people type, BEFORE IT GETS “replied into the thread” (as after it goes into the thread, that “pre-reply” DELETE option disappears. -
Hi there,
I also created yet another Cname as *(my domain name), which means ANY subdirectory, is seen as a wildcard and thus also goes directly to my main (master) homepage, as if it was JUST the domain name itself.
Thus as soon as someone types the www.
It (automatically) disappears and is replaced in the browser – with JUST the registered domain name.This is the default setting for DNS on WordPress.com sites, a wildcard CNAME redirecting all subdomains to the root domain. That way if someone enters the www version, or any other subdomain of your site which doesn’t explicitly have its own subdomain CNAME record, they’ll be directed to your site and it’s canonical address.
If you want the www subdomain of your site to redirect somewhere other than the root domain of your site you can create a CName record redirecting that to wherever you’d like it to, however with the server settings on WordPress.com, the www will always be stripped from the domain and it will show in a visitors browser only the root domain. As mentioned this is for reasons of search engine optimization and can’t be changed.
Let us know if there’s anything else we can help with and in the meantime have a great rest of your day.
- The topic ‘SSL certificate not covering my site when www is used’ is closed to new replies.
WordPress.com Forums 