Potential Security Risk Ahead Error on non-www urls

Question

My issue is when I open my website without WWW then it doesn’t redirect to https://www.admecindia.co.in, in result page doesn’t open up and shows ‘Security Error’ like this:

Warning: Potential Security Risk Ahead

Firefox detected a potential security threat and did not continue to admecindia.co.in. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.

When i click on the Advanced Button given there, then it shows this.

Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for admecindia.co.in. The certificate is only valid for www.admecindia.co.in.

Error code: SSL_ERROR_BAD_CERT_DOMAIN

my .htaccess code is:

<IfModule mod_rewrite.c>
 RewriteEngine On
  RewriteBase /

  RewriteCond %{HTTP_HOST} ^admecindia\.co\.in$ [NC]
  RewriteRule ^(.*)$ https://www.admecindia.co.in/$1 [L,R=301]
 

  RewriteRule ^index\.php$ - [L]
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule . /index.php [L]

</IfModule>

thanks

Bobby Iliev · Accepted Answer

Hi there @ravibhadauria143 , It looks like that your Let’s Encrypt was issued only for the www version of your domain name. I would recommend issuing a new SSL certificate which would include both the non-www and the www version. To do that, I would recommend following the steps from this tutorial here: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04 Basically, when you run the certbot command, you need to make sure that you specify the two versions: sudo certbot --apache -d <^>your_domain<^> -d <^>www.your_domain<^> Hope that this helps!Regards,Bobby

Related Questions

Question

Potential Security Risk Ahead Error on non-www urls

Popular Topics

Questions