Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Why is Firefox falsely submitting websites as https?

  • 8 uphendule
  • 1 inale nkinga
  • 5 views
  • Igcine ukuphendulwa ngu jradel

more options

I have 5 websites and at least 2 of them are submitted as https when they are not. Why is this happening?

I have 5 websites and at least 2 of them are submitted as https when they are not. Why is this happening?

All Replies (8)

more options

Please provide a public link (no password) that we can check out. No Personal Information Please !

more options

OK these two websites I own are not HTTPS and yet here are the screen shots of the links as Firefox are displaying them see attached I found this out because I copied the page link whilst verifying on Google. Even google doesn't distinguish.

more options

Please print out the links. Not a screenshot.

more options

If you check the certificates for these two websites then you will notice a valid certificate chain, so there is nothing wrong with what you see in Firefox. The certificate test passes, but security could be better.

more options

In my limited knowledge I naturally assumed that the HTTPS was supposed to denote a secure website with a SSL Certificates which mine do not. So this means that having a 'valid certificate chain' means that it can turn this into what looks like it has a SSL cert. - Is that what your saying?

more options

To be able to connect securely via the https:// protocol, a server needs to have a certificate and possible intermediate certificates installed and in these cases it is working properly.

What makes you think that Firefox is falsely assuming that this connection is secure ?

It is quite possible that the hosting company has installed all certificates automatically if you haven't done this yourself.

more options

The hosting company has not installed the SSL certs nor my admin for the websites and the reason for showing screen shots was to show how they appear in the browser bar. This does not happen on Google or Safari or Opera etc - therefore I conclude that there is something wrong with why Firefox displays a 'false' HTTPS' . This is the reason I asked the question in the first place. I would not have noticed this if I hadn't been copy and pasting into Google verification and getting 2 different browser bars with and without SSL.

more options

https://www.draycote-fly-fishers-assoc.co.uk/ http://www.draycote-fly-fishers-assoc.co.uk/

both exist. As such, any protestations by providers and admins that they have not installed SSL certs is probably only indication that they did not deliberately install such certs while actually paying sufficient attention. In fact, given that the cert for the latter site was issued by cPanel, Inc. (you can see this for yourself by clicking on the padlock and asking for more information), I would have a nice little chat with the appropriate party about the cPanel AutoSSL function, and might this have been turned on during some upgrade or another? This handy little feature automatically installs certs that are free of charge.

That said, I would suggest that you embrace use of HTTPS, as that is considered best practice these days, even for sites without any confidential information. Apparently you're not being charged extra for it. And as cor-el pointed out above, it is configured just fine (a grade of B from SSLlabs is nothing to worry about if you're not handling confidential information).

And if you must, go to https://www.draycote-fly-fishers-assoc.co.uk/ in all those other browsers.... I bet it works just fine in all of them too.