Reputation: 343
cname redirect causing phishing warning in heroku
I changed my CNAME Records as outlined in this link https://devcenter.heroku.com/articles/custom-domains. The redirect itself works, the issue is in Chrome (and I assume other browsers) It gives me a phishing alert.
This is probably not the site you are looking for!
You attempted to reach app.grewpr.com, but instead you actually reached a server i identifying itself as *.herokuapp.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of app.grewpr.com.
You should not proceed, especially if you have never seen this warning before for this site.
How would I fix this error? It also puts a red line through the https lock.
Upvotes: 5
Views: 1728
Answers (2)
Reputation: 176
Had the same problem. Your custom domain app uses your host certificate. Whether buy SSL addon or if 'http' is ok for you then change ssl settings for your app. In "environments/production.rb" there must be following configuration "config.force_ssl = false" which by default is set to true. Had to reset Firefox to take effect. Other browsers were ok.
Upvotes: 1
Reputation: 30143
Since you're using HTTPS, you should follow slightly different DNS configuration instructions: https://devcenter.heroku.com/articles/ssl#configuredns
Upvotes: 3
Related Questions
- 1&1 domain pointing to Heroku
- Rails Heroku SSL https:// redirect
- Heroku - custom domain DNS
- CNAME records and Heroku domains
- CNAME Issue with Custom Domains
- Heroku custom domain rewritten to herokuapp URL
- CNAME + PointDNS + HEROKU not working properly
- Custom Heroku name only masking the root page
- DNS Mystery in Heroku CNAME Redirection
- Rails manually redirecting from naked domain