1

I own a .dev domain, which is included on the HSTS preload list. The domain is registered with Namecheap.

Now, when trying to set up redirects (301,302) from my www. to non-www, this is apparently causing problems. Services like http://redirectcheck.com/ show that the redirects are working. Also, using wget or curl, everything is resolved fine.

Unfortunately, when I try to access the URLs that should be redirected with Chrome or Firefox, nothing happens.

I am pretty sure this has to do with how modern browsers handle HSTS. As I understand, they will not redirect from a .dev domain if the other site is not secure. However, the domain I redirect to is my own domain, therefore also a HSTS enabled .dev domain. Shouldn't this work?

HBruijn
  • 84,206
  • 24
  • 145
  • 224
Thomas Kainrad
  • 111

1 Answers1

0

I believe the problem had to with Namecheap and the fact that I am not using one of their certificates. Instead, the site is hosted via GitLab Pages and a Let's Encrypt certificate.

Any way, I "solved" the problem by starting to use CloudFlare and their Page Rules. The page also got faster in the process, and I am content with the free version.

Thomas Kainrad
  • 111