Cloudflare, Custom Domain Publishing, As Well As Https
Friday, January 30, 2015
Edit
A few weblog owners, who divulge blogs published to custom domains, are becoming impatient, waiting for Blogger Engineering to complete the Blogger upgrade to back upward HTTPS / SSL.
HTTPS is non available, for non BlogSpot published blogs.
Whether registered past times eNom, GoDaddy, or Google Domains, it only is non possible to divulge a non BlogSpot URL every bit a supported custom domain, in addition to brand HTTPS / SSL available. CloudFlare, a supposed alternative, does non create a supported custom domain.
A proxied CloudFlare domain looks similar malicious redirection.
In closed to cases, a CloudFlare DNS "solution" tried past times closed to weblog owners, volition expect similar dangerous / malicious redirection. Some blogs volition demo upward every bit "Deceptive sites", aka "phishing".
Some blogs using CloudFlare, for custom domain publishing, volition hold out classified every bit "Deceptive" sites.
Others volition create alarming warnings virtually malware.
"This weblog is non hosted past times Blogger in addition to has non been checked for spam, viruses in addition to other forms of malware."
Click on "Details".
Look at the warning.
And in that place is the typical Dig log, amongst a redirecting proxy service, similar CloudFlare.
or
This is the terra firma for malware / phishing classification.
Any observed malware warning is to a greater extent than ofttimes than non a imitation positive - most custom domain published blogs gain non incorporate malware. Even so, it's non probable that the "Deceptive site" classification volition hold out easily corrected - or the malware warning interstitial display removed.
And this is i to a greater extent than weblog owner, who must adjacent hold out provided teaching to correct the DNS addresses.
Having corrected every bit instructed, DNS addresses volition hold out asymmetrical, in addition to righteous.
With DNS corrected, Google shows "Not dangerous" - but the warning all the same displays.
"Not dangerous".
Note "CloudFlare" is all the same seen every bit the host.
You tin study an error, to SafeBrowsing.
False classification forthwith requires fourth dimension consuming site review.
Use "Report Incorrect Phishing Warning", if y'all believe the site is safe.
Finally, learn the site reviewed, from the Security Issues page inward Security Console (Webmaster Tools) - Security Issues.
And piece the weblog remains offline, search reputation - in addition to the possessor - volition suffer.
Some #Blogger weblog owners desire to supply blogs published to custom domains - in addition to offering HTTPS connectivity. Since Blogger cannot supply custom domains amongst HTTPS right now, the weblog owners are using CloudFlare, which provides an HTTPS proxy.
Unfortunately, a CloudFlare proxy looks similar malicious redirection - in addition to blogs using CloudFlare are beingness labeled every bit "Deceptive" sites.
https://productforums.google.com/forum/#!category-topic/blogger/ApuJ58a4-kg
https://productforums.google.com/forum/#!category-topic/blogger/-LoJCeX6DEA
https://productforums.google.com/forum/#!category-topic/blogger/DhAFOtJFoCw
If I learn a domain through Google Domains, volition I hold out able to learn HTTPS?Unfortunately, no. HTTPS / SSL is only non available, to blogs published to custom domains.
HTTPS is non available, for non BlogSpot published blogs.
Whether registered past times eNom, GoDaddy, or Google Domains, it only is non possible to divulge a non BlogSpot URL every bit a supported custom domain, in addition to brand HTTPS / SSL available. CloudFlare, a supposed alternative, does non create a supported custom domain.
A proxied CloudFlare domain looks similar malicious redirection.
In closed to cases, a CloudFlare DNS "solution" tried past times closed to weblog owners, volition expect similar dangerous / malicious redirection. Some blogs volition demo upward every bit "Deceptive sites", aka "phishing".
Some blogs using CloudFlare, for custom domain publishing, volition hold out classified every bit "Deceptive" sites.
Others volition create alarming warnings virtually malware.
"This weblog is non hosted past times Blogger in addition to has non been checked for spam, viruses in addition to other forms of malware."
Click on "Details".
Look at the warning.
Phishing sites pretend to hold out other websites to push clit a fast i on you.
And in that place is the typical Dig log, amongst a redirecting proxy service, similar CloudFlare.
kireisubs.id. 300 IN H5N1 104.27.133.198
www.kireisubs.id. 300 IN H5N1 104.27.133.198
or
topmovies21.biz. 300 IN H5N1 104.28.0.106
www.topmovies21.biz. 300 IN H5N1 104.28.0.106
This is the terra firma for malware / phishing classification.
Any observed malware warning is to a greater extent than ofttimes than non a imitation positive - most custom domain published blogs gain non incorporate malware. Even so, it's non probable that the "Deceptive site" classification volition hold out easily corrected - or the malware warning interstitial display removed.
And this is i to a greater extent than weblog owner, who must adjacent hold out provided teaching to correct the DNS addresses.
Having corrected every bit instructed, DNS addresses volition hold out asymmetrical, in addition to righteous.
kireisubs.id. 86400 IN H5N1 216.239.32.21
kireisubs.id. 86400 IN H5N1 216.239.34.21
kireisubs.id. 86400 IN H5N1 216.239.36.21
kireisubs.id. 86400 IN H5N1 216.239.38.21
www.kireisubs.id. 86400 IN CNAME ghs.google.com.
With DNS corrected, Google shows "Not dangerous" - but the warning all the same displays.
"Not dangerous".
Note "CloudFlare" is all the same seen every bit the host.
You tin study an error, to SafeBrowsing.
False classification forthwith requires fourth dimension consuming site review.
Use "Report Incorrect Phishing Warning", if y'all believe the site is safe.
Finally, learn the site reviewed, from the Security Issues page inward Security Console (Webmaster Tools) - Security Issues.
And piece the weblog remains offline, search reputation - in addition to the possessor - volition suffer.
Some #Blogger weblog owners desire to supply blogs published to custom domains - in addition to offering HTTPS connectivity. Since Blogger cannot supply custom domains amongst HTTPS right now, the weblog owners are using CloudFlare, which provides an HTTPS proxy.
Unfortunately, a CloudFlare proxy looks similar malicious redirection - in addition to blogs using CloudFlare are beingness labeled every bit "Deceptive" sites.
https://productforums.google.com/forum/#!category-topic/blogger/ApuJ58a4-kg
https://productforums.google.com/forum/#!category-topic/blogger/-LoJCeX6DEA
https://productforums.google.com/forum/#!category-topic/blogger/DhAFOtJFoCw