An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Thursday, March 31, 2016

CloudFlare, Custom Domain Publishing, And HTTPS

A few blog owners, who publish blogs published to custom domains, are becoming impatient, waiting for Blogger Engineering to finish the Blogger upgrade to support HTTPS / SSL.
If I get a domain through Google Domains, will I be able to get HTTPS?
Unfortunately, no. HTTPS / SSL is simply not available, to blogs published to custom domains.

HTTPS is not available, for non BlogSpot published blogs.

Whether registered by eNom, GoDaddy, or Google Domains, it simply is not possible to publish a non BlogSpot URL as a supported custom domain, and make HTTPS / SSL available. CloudFlare, a supposed alternative, does not produce a supported custom domain.

A proxied CloudFlare domain looks like malicious redirection.

In some cases, a CloudFlare DNS "solution" tried by some blog owners, will look like dangerous / malicious redirection. Some blogs will show up as "Deceptive sites", aka "phishing".


Some blogs using CloudFlare, for custom domain publishing, will be classified as "Deceptive" sites.



Others will produce alarming warnings about malware.


"This blog is not hosted by Blogger and has not been checked for spam, viruses and other forms of malware."




Click on "Details".



Look at the warning.

Phishing sites pretend to be other websites to trick you.

And there is what you get, with a redirecting proxy service, like CloudFlare.

kireisubs.id. 300 IN A 104.27.133.198
www.kireisubs.id. 300 IN A 104.27.133.198

or

topmovies21.biz. 300 IN A 104.28.0.106
www.topmovies21.biz. 300 IN A 104.28.0.106

This is the basis for malware / phishing classification.

This is most likely a false positive - most custom domain published blogs do not contain malware. Even so, it's not likely that the "Deceptive site" classification will be easily corrected, or the malware warning interstitial removed.

And this is one more blog owner, who must next be provided instruction to correct the DNS addresses.

Having corrected as instructed, DNS addresses are now asymmetrical, and righteous.

kireisubs.id. 86400 IN A 216.239.32.21
kireisubs.id. 86400 IN A 216.239.34.21
kireisubs.id. 86400 IN A 216.239.36.21
kireisubs.id. 86400 IN A 216.239.38.21
www.kireisubs.id. 86400 IN CNAME ghs.google.com.

With DNS corrected, Google shows "Not dangerous" - but the warning still displays.


"Not dangerous".




Note "CloudFlare" is still seen as the host.




You can report an error, to SafeBrowsing.



False classification now requires time consuming site review.

Use "Report Incorrect Phishing Warning", if you believe the site is safe.

Finally, get the site reviewed, from the Security Issues page in Security Console (Webmaster Tools) - Security Issues.

And while the blog remains offline, search reputation - and the owner - will suffer.



Some #Blogger blog owners want to provide blogs published to custom domains - and offer HTTPS connectivity. Since Blogger cannot provide custom domains with HTTPS right now, the blog owners are using CloudFlare, which provides an HTTPS proxy.

Unfortunately, a CloudFlare proxy looks like malicious redirection - and blogs using CloudFlare are being labeled as "Deceptive" sites.

https://productforums.google.com/forum/#!category-topic/blogger/ApuJ58a4-kg

https://productforums.google.com/forum/#!category-topic/blogger/-LoJCeX6DEA

https://productforums.google.com/forum/#!category-topic/blogger/DhAFOtJFoCw

Dude, hit me with a comment!