Garbage level

Before I leave I wanted to say that this hosting is garbage.
I wanted to find a free hosting with free SSL certificate.
Some website pointed me to this one.
Looking in the control panel I saw that the SSL is free only if you upgrade, which means it’s not free, sof there’s false advertision, which BTW in my country is illegal, but anyway.
They could’ve put a wildcard certificate which woul’ve covered all the subdomain including my own, but yeah, they are too cheap for that.
Then I said I will get one from Let’s encrypt, but guess what, bot online certificate issuers for Let’s encrypt that I tried failed the verification step even though I’ve put the verification files correctly and they were accesible when I tried them.
Got the feeling of something fishy going one.
Then I saw the message on the second certificate issuer that the host probably blocks bots.

I must say, that this hosting is garbage level.
Don’t tell me the excuse with the security feature not allowing tools or bots, that’s just crap.
Making these cheap trick to force people to upgrade is disgusting and I will never upgrade or buy
anything or recommend anyone to such a service.
Forcing me to post this on a forum instead of a contact for also is not good.
Thanks for wasting my time!

Hello,

SSL is free, you probably meant about the “Upgrade” button, in the Premium plan it’s just automatic renewal of your certificate which is not available on free hosting but you can still install a free certificate if you have one.

You want the owner to pay for your SSL? It’s a hassle to do that. If you want to get an SSL certificate, get a real domain name instead, you can either buy one or get a free one. I’m sure that no free hosting provider would use a wildcard to cover all subdomain sites by clients.

There’s already an SSL certificate issuer in the Client Area which would work, what you are using which is sslforfree is different and is incompatible.

Also please take note that only Top Level Domain names will work and will not work with subdomains.

2 Likes

They want to force you to upgrade so they block the verification of every free SSL provider.
This looks to me like Microsoft’s style of pushing people which is garbage!
I will not ever upgrade on such service or recommend it to anyone.

Hello,

Bold you you to assume that but anyways,
The purpose why InfinityFree blocks the verification challenge of SSLforFree is because of the security system, the security system is responsible to protect clients websites and the free hosting server at the same time. The security system helps that your site won’t be accessible by bots but only normal humans using normal browsers and many more.
To know more about the security system please check the following KB article:
https://infinityfree.net/support/javascript-error-using-api-or-mobile-android-app/

Also you can get Free SSL from Let’s Encrypt by using the SSL certificate feature in the Client Area anyways.

2 Likes

Yeah right, “security feature”.
I’m sure there could be a way if someone wanted to allow this.
And don’t remind me about getting Let’s Encrypt SSL certificates from the Client area which doesn’t work if you don’t upgrade.
So I need to pay money to get a free certificate.
Wow, nice invention.
I never thought of this before.

It’s free to use, it only works with TLD domains and not subdomains, I even use it without a problem and I’m even not paying for it.

No you don’t, it’s the domain name that you will have to pay or get. You can get a free one from Freenom

1 Like

What?
There’s such a thing as free domains?
Never heard of that.
And I’m half on the way out, I’ve deaactivated my cound for deletion.
But now that you said about, this I will check it out to see if I made a mistake.

Ok, I have tested Freenom and they say not a single one of what I searched is available.
Then I looked for an alternative to Freenom and I found dot.tk which again says that there is not domain available from what I searched and I am not even using english words.
And guess what this one has 99% the same interface.
I assume this hosting and those domain have the same owner interested only to get money and actually nothing is free.
So thanks, but no thank!

Hello,

InfinityFree and Freenom is a complete different company.
dot.tk is giving freenom the access to make people register with their domain name or you could say dot.tk is using freenom as a tool so that people can register .tk domains directly in freenom.

Also really?? You’re not gonna test one out? It’s your problem now, if you don’t want a free domain name then buy one. Many Free Hosting out there does not even support Free SSL, at least in here you can get one and install one under the condition that it will only work with Top Level Domains. These feature is mostly not available to other free hosting providers and want you to upgrade to a paid plan.

You clearly don’t know how free hosting and freenom works.

3 Likes

This works without an upgrade. I don’t know why you are assuming it doesn’t?

1 Like

Please be aware that information about our service displayed on “some website” are not our responsibility, and may be inaccurate or out of date. Please don’t call us scammers because some random website didn’t correctly inform you about our service.

If we could change the text in the control panel, then we would, because it’s just wrong.

If you actually check the client area at app.infinityfree.net, you’ll see that there is an SSL Certificates section, which does actually provide SSL certificates. Those are free SSL certificates which can be used on free hosting.

We’re working on integrating this right now, but getting the SSL certificate management automated correctly is proving to be more challenging that we’ve hoped.

Let’s Encrypts rate limits on wildcard certificates are brutal. We’re doing our best.

That’s why we built our own SSL Certificates system which uses the CNAME records option from our panel to perform the domain verification.

Nothing fishy going on here! Just a bit of misunderstanding. All your problems are solved if you just use the SSL Certificates section in the client area.

Again, if we could make this more clear in the control panel, we would.

Can you please remind us then why it doesn’t work if you don’t upgrade? Because it’s supposed to just work for free.

As for “then why can’t I use free subdomains”, that’s - again - because of the brutal rate limits from Let’s Encrypt.

5 Likes

Okay, if you want SSL certificates. You unfortunately cannot use sslforfree.com, the only thing that works is the Let’s Encrypt (You know this website I presume), through the client area SSL certificates. This is because of the security systems, which is a javascript challenge, in which your browser (If it is a real visitor) will execute and generate a cookie. This cookie will be sent everytime to validate your browser. If you don’t believe it, you can look through the code through your browser inspector. It is called aes.js. Free Subdomains unfortunately cannot receive SSL certificates (The ones that are provided is epizy.com and rf.gd).
Or if you have a top-level domain (not a subdomain), use Cloudflare to get an SSL certificate.

2 Likes

Ok, “security feature”, “javascript challenge”, etc.
They why can’t the hosting temporary turn off the protection, get two wildcard certificates like for:
*.epizy.com and *.rf.gd domains ?
Look at how wordpress.com did it.
And as far as I remember Let’s Encrypt offers wildcard certificates for free also.
I’ve done it for myself once when I was hosting multiple subdomains on my Raspberry pi server.
If I managed to do it for fun on my Raspberry pi small server, I bet a hosting service like this could do it also.
The excuses are for kids or naive people.

Because of bots that they can damage servers?! You can enable Cloudflare in order to disable these, which won’t work on subdomains.

3 Likes

That won’t work because:

  • Wildcard SSL certificates require DNS verification. HTTP verification can only be used with single domain certificates with Let’s Encrypt. But iFastNet would control both the SSL certificates and the nameservers, so that’s no problem.
  • There are many, many, many more domains than just those two on the platform. There are a few dozen domains for general purposes, we have a few more domains ourselves on the platform and there are many more resellers and brands on the same platform who also may have multiple domains.

This is actually being worked on. But again, Let’s Encrypt’s rate limits are brutal, which is what makes it complicated.

You take the words out of my mouth.

Getting a free SSL cert on a home lab domain and getting free SSL on a platform hosting millions of websites are not the same. It’s naive to assume that if it’s easy on your mini computer, that it’s also easy for a large hosting provider.

Because let me tell you: simple things become hard if done at scale.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.