Indicates that there is no security when accessing the site

Hi, everyone!

When you visit these sites, notice that there is no security first, then the lock icon appears.

temur.ml
http://temur.ml
www.temur.ml

If you log in this way, a security icon will appear in the initial state. – https://temur.ml

What could be the reason?

The reason for this is because the first link is the HTTP version, the one which DOES NOT use SSL, this redirects to the HTTPS version (second link) and then automatically uses SSL.

4 Likes

Yes I know, but when you visit other websites, the security icon appears first, right? In mine, after a second.

It’s because it first reaches a part that checks if the visitor is browser or not, This part doesn’t have ssl if you visit with http, later it’ll redirect you to your actual site which has ssl.

And since your site redirects http to https when it’s being visited with http, it’ll take a bit to force to https.

4 Likes

If you want to force your site to use a secure connection.
Insert this into your .htaccess file in the htdocs folder:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This will let the browser know that you want your site to use secure connection (https) and when someone visits your site it will automatically use the https:// prefix just like some other sites.

2 Likes

I used exactly this method.

How can this be forwarded to HTTPS immediately?

It cannot unless you visit your site with https,
it’s not a big problem if it redirects to https in 1 second :slight_smile:

Needless to say, this is not the case with other websites. This is only happening with my website.

This will happen with other websites too if you request the HTTP version for the first time. Most browsers, when they have already visited a site will automatically use the HTTPS version even when requesting HTTP manually by the users, because the browser knows that the site has SSL support.

3 Likes

If you manually type into your browser http://yoursite.com, then it will automatically redirect in order to use HTTPS, which is what I think you are seeing.

Thanks to everyone for the feedback. But this is not the solution to the problem. Anyway, I’m looking for a solution to the problem on the Internet.

I don’t see a problem with the site as it is. It changes to https after about half a second!

Certainly not on other sites.

Why isn’t this the case on other websites?
Other websites redirect to HTTPS first. Not just mine.

Don’t think he talks too much. I saw your website, can you help me with this as long as you don’t have such a problem?

I installed the SSL certificate via Cloudflare.

Also my site takes a bit to switch to https. But i don’t take it as problem.

1 Like

It’s not even an issue. If it takes half a second more to load, nobody is going to pick you up on it!

Well friends. What can I say :smiling_face:

It may be a bit of a wild goose chase, but HSTS with HSTS Preloading can be used to enforce that your website can never be opened over an unsecure connection. Not sure how practical that is, but it may be worth looking in to.

2 Likes