Google .dev domain strangely redirects to https Planned maintenance scheduled April 23, 2019...
Central Vacuuming: Is it worth it, and how does it compare to normal vacuuming?
Take 2! Is this homebrew Lady of Pain warlock patron balanced?
What is the meaning of 'breadth' in breadth first search?
Most bit efficient text communication method?
What does the power rating of 10W mean?
What would you call this weird metallic apparatus that allows you to lift people?
How to write capital alpha?
How to plot logistic regression decision boundary?
How were pictures turned from film to a big picture in a picture frame before digital scanning?
Is it possible for SQL statements to execute concurrently within a single session in SQL Server?
What order were files/directories outputted in dir?
Why is there Net Work Done on a Pressure/Volume Cycle?
Do wooden building fires get hotter than 600°C?
Project Euler #1 in C++
How to run automated tests after each commit?
Is there any word for a place full of confusion?
Put R under double integral
Crossing US/Canada Border for less than 24 hours
What to do with repeated rejections for phd position
Google .dev domain strangely redirects to https
Importance of からだ in this sentence
What do you call the main part of a joke?
What was the first language to use conditional keywords?
Did Mueller's report provide an evidentiary basis for the claim of Russian govt election interference via social media?
Google .dev domain strangely redirects to https
Planned maintenance scheduled April 23, 2019 at 00:00UTC (8:00pm US/Eastern)
Announcing the arrival of Valued Associate #679: Cesar Manara
Unicorn Meta Zoo #1: Why another podcast?google apps domain verification issuesOptimize TOR websiteCan I configure Google Domains to redirect a bare domain to a subdomain over HTTPS?Google keeps ranking my main domain instead of my subdomainConfiguring Google Domains/Domain ForwardingsNginx: set Content-Type by URI problemEffects of incorrect 301 redirectsPreventing URLs ending in “/” from search engine indexes with robots.txt or rewrite rule“GitHub Pages currently does not support IPv6” when using my domain registered at Google domainsHow can I upload a sitemap to my Google Sites site with a custom URL?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
I bought a .dev domain today @ domains.google. I also set up a dedicated nginx web server to which the .dev domain points (A records).
Very strangely, I can't access my nginx welcome page using my example.dev domain, because for some weird reason I'm redirected to https://example.dev which then fails (no connection can be established). However, ALL other domains pointing to this new server work seamless. Like example.com just works. I didn't configure ANYTHING in nginx, just installed it. Obviously enough, this has something to do with Google as the registrar. OK - so I shall contact the Google support, right? Yes. I did that, however, some very silly support girl told me this was something I needed to handle on my side and always referring to 'contact your web host' (which isn't too much of an advice since I'm the host).
I tried everything in the Google console, but I can't get it to work. The Google support was very, very disappointing and I'm now hoping to see some resolutions on this problem.
google nginx debian google-domains
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
asked 6 hours ago
JohnnyJohnny
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I bought a .dev domain today @ domains.google. I also set up a dedicated nginx web server to which the .dev domain points (A records).
Very strangely, I can't access my nginx welcome page using my example.dev domain, because for some weird reason I'm redirected to https://example.dev which then fails (no connection can be established). However, ALL other domains pointing to this new server work seamless. Like example.com just works. I didn't configure ANYTHING in nginx, just installed it. Obviously enough, this has something to do with Google as the registrar. OK - so I shall contact the Google support, right? Yes. I did that, however, some very silly support girl told me this was something I needed to handle on my side and always referring to 'contact your web host' (which isn't too much of an advice since I'm the host).
I tried everything in the Google console, but I can't get it to work. The Google support was very, very disappointing and I'm now hoping to see some resolutions on this problem.
google nginx debian google-domains
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
asked 6 hours ago
JohnnyJohnny
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I bought a .dev domain today @ domains.google. I also set up a dedicated nginx web server to which the .dev domain points (A records).
Very strangely, I can't access my nginx welcome page using my example.dev domain, because for some weird reason I'm redirected to https://example.dev which then fails (no connection can be established). However, ALL other domains pointing to this new server work seamless. Like example.com just works. I didn't configure ANYTHING in nginx, just installed it. Obviously enough, this has something to do with Google as the registrar. OK - so I shall contact the Google support, right? Yes. I did that, however, some very silly support girl told me this was something I needed to handle on my side and always referring to 'contact your web host' (which isn't too much of an advice since I'm the host).
I tried everything in the Google console, but I can't get it to work. The Google support was very, very disappointing and I'm now hoping to see some resolutions on this problem.
google nginx debian google-domains
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
asked 6 hours ago
JohnnyJohnny
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I bought a .dev domain today @ domains.google. I also set up a dedicated nginx web server to which the .dev domain points (A records).
Very strangely, I can't access my nginx welcome page using my example.dev domain, because for some weird reason I'm redirected to https://example.dev which then fails (no connection can be established). However, ALL other domains pointing to this new server work seamless. Like example.com just works. I didn't configure ANYTHING in nginx, just installed it. Obviously enough, this has something to do with Google as the registrar. OK - so I shall contact the Google support, right? Yes. I did that, however, some very silly support girl told me this was something I needed to handle on my side and always referring to 'contact your web host' (which isn't too much of an advice since I'm the host).
I tried everything in the Google console, but I can't get it to work. The Google support was very, very disappointing and I'm now hoping to see some resolutions on this problem.
google nginx debian google-domains
google nginx debian google-domains
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
asked 6 hours ago
JohnnyJohnny
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
asked 6 hours ago
JohnnyJohnny
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
edited 6 hours ago
Stephen Ostermiller♦
69.9k1396253
69.9k1396253
asked 6 hours ago
JohnnyJohnny
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 6 hours ago
JohnnyJohnny
182
asked 6 hours ago
JohnnyJohnny
182
182
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Johnny is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
.dev domains are HTTPS only. It isn't a redirect. It is HSTS preload.
HSTS is a technology that lets domains declare that they are HTTPS only. It is meant to mitigate against protocol downgrade attacks. The first time you visit a site that wants to use HSTS, you get a header that prevents you from ever visiting that domain on HTTP.
The HSTS preload list is built into web browsers so that the browser knows a site is HTTPS only, even before the first visit. If a site is on the HSTS preload list, it will never be able to be accessed via HTTP in that browser, only via HTTPS.
Google has put the entire .dev top level domain on the HSTS preload list. That means that no .dev domain will ever be able run as an HTTP site.
When you registered your .dev domain, the Google registry told you this on the front page under the "Security benifits" section:
Get built in security
Your security is our priority. The .dev top-level domain is included on the HSTS preload list, making HTTPS required on all connections to .dev websites and pages without needing individual HSTS registration or configuration. Security is built in.
Currently only Firefox and Chrome support this HSTS preload. If you want to be able to test your site before you have HTTPS set up, you could use a different browser. You also might be able to modify your browser settings to disable HSTS.
Because of the HSTS preload, you will need to run your .dev domain on an HTTPS server so that users can access it.
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
1
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
1
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "45"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Johnny is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwebmasters.stackexchange.com%2fquestions%2f122337%2fgoogle-dev-domain-strangely-redirects-to-https%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
.dev domains are HTTPS only. It isn't a redirect. It is HSTS preload.
HSTS is a technology that lets domains declare that they are HTTPS only. It is meant to mitigate against protocol downgrade attacks. The first time you visit a site that wants to use HSTS, you get a header that prevents you from ever visiting that domain on HTTP.
The HSTS preload list is built into web browsers so that the browser knows a site is HTTPS only, even before the first visit. If a site is on the HSTS preload list, it will never be able to be accessed via HTTP in that browser, only via HTTPS.
Google has put the entire .dev top level domain on the HSTS preload list. That means that no .dev domain will ever be able run as an HTTP site.
When you registered your .dev domain, the Google registry told you this on the front page under the "Security benifits" section:
Get built in security
Your security is our priority. The .dev top-level domain is included on the HSTS preload list, making HTTPS required on all connections to .dev websites and pages without needing individual HSTS registration or configuration. Security is built in.
Currently only Firefox and Chrome support this HSTS preload. If you want to be able to test your site before you have HTTPS set up, you could use a different browser. You also might be able to modify your browser settings to disable HSTS.
Because of the HSTS preload, you will need to run your .dev domain on an HTTPS server so that users can access it.
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
1
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
1
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
add a comment |
.dev domains are HTTPS only. It isn't a redirect. It is HSTS preload.
HSTS is a technology that lets domains declare that they are HTTPS only. It is meant to mitigate against protocol downgrade attacks. The first time you visit a site that wants to use HSTS, you get a header that prevents you from ever visiting that domain on HTTP.
The HSTS preload list is built into web browsers so that the browser knows a site is HTTPS only, even before the first visit. If a site is on the HSTS preload list, it will never be able to be accessed via HTTP in that browser, only via HTTPS.
Google has put the entire .dev top level domain on the HSTS preload list. That means that no .dev domain will ever be able run as an HTTP site.
When you registered your .dev domain, the Google registry told you this on the front page under the "Security benifits" section:
Get built in security
Your security is our priority. The .dev top-level domain is included on the HSTS preload list, making HTTPS required on all connections to .dev websites and pages without needing individual HSTS registration or configuration. Security is built in.
Currently only Firefox and Chrome support this HSTS preload. If you want to be able to test your site before you have HTTPS set up, you could use a different browser. You also might be able to modify your browser settings to disable HSTS.
Because of the HSTS preload, you will need to run your .dev domain on an HTTPS server so that users can access it.
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
1
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
1
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
add a comment |
.dev domains are HTTPS only. It isn't a redirect. It is HSTS preload.
HSTS is a technology that lets domains declare that they are HTTPS only. It is meant to mitigate against protocol downgrade attacks. The first time you visit a site that wants to use HSTS, you get a header that prevents you from ever visiting that domain on HTTP.
The HSTS preload list is built into web browsers so that the browser knows a site is HTTPS only, even before the first visit. If a site is on the HSTS preload list, it will never be able to be accessed via HTTP in that browser, only via HTTPS.
Google has put the entire .dev top level domain on the HSTS preload list. That means that no .dev domain will ever be able run as an HTTP site.
When you registered your .dev domain, the Google registry told you this on the front page under the "Security benifits" section:
Get built in security
Your security is our priority. The .dev top-level domain is included on the HSTS preload list, making HTTPS required on all connections to .dev websites and pages without needing individual HSTS registration or configuration. Security is built in.
Currently only Firefox and Chrome support this HSTS preload. If you want to be able to test your site before you have HTTPS set up, you could use a different browser. You also might be able to modify your browser settings to disable HSTS.
Because of the HSTS preload, you will need to run your .dev domain on an HTTPS server so that users can access it.
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
.dev domains are HTTPS only. It isn't a redirect. It is HSTS preload.
HSTS is a technology that lets domains declare that they are HTTPS only. It is meant to mitigate against protocol downgrade attacks. The first time you visit a site that wants to use HSTS, you get a header that prevents you from ever visiting that domain on HTTP.
The HSTS preload list is built into web browsers so that the browser knows a site is HTTPS only, even before the first visit. If a site is on the HSTS preload list, it will never be able to be accessed via HTTP in that browser, only via HTTPS.
Google has put the entire .dev top level domain on the HSTS preload list. That means that no .dev domain will ever be able run as an HTTP site.
When you registered your .dev domain, the Google registry told you this on the front page under the "Security benifits" section:
Get built in security
Your security is our priority. The .dev top-level domain is included on the HSTS preload list, making HTTPS required on all connections to .dev websites and pages without needing individual HSTS registration or configuration. Security is built in.
Currently only Firefox and Chrome support this HSTS preload. If you want to be able to test your site before you have HTTPS set up, you could use a different browser. You also might be able to modify your browser settings to disable HSTS.
Because of the HSTS preload, you will need to run your .dev domain on an HTTPS server so that users can access it.
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
edited 6 hours ago
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
answered 6 hours ago
Stephen Ostermiller♦Stephen Ostermiller
69.9k1396253
69.9k1396253
1
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
1
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
add a comment |
1
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
1
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
1
1
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
That's it. I must have missed this piece of info, and the support team wouldn't remind me of this fact again (even though I think it's pretty obvious I was missing exactly this info).
– Johnny
5 hours ago
1
1
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
Yes, support should have been able to tell you this.
– Stephen Ostermiller♦
5 hours ago
add a comment |
Johnny is a new contributor. Be nice, and check out our Code of Conduct.
Johnny is a new contributor. Be nice, and check out our Code of Conduct.
Johnny is a new contributor. Be nice, and check out our Code of Conduct.
Johnny is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Webmasters Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwebmasters.stackexchange.com%2fquestions%2f122337%2fgoogle-dev-domain-strangely-redirects-to-https%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
