Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: bdauto.co.za
SSL has been STRIPPED and under attack - is lets encrypt not secure?
I know for a fact that I am under attack from a developer in south Africa;. The client/bdauto - has decided to use them and ever since becoming aware of this - we have seen a number of botnets sending enormous amounts of traffic.
Now with no padlock (doesn't really mean much I suppose) but I have just enabled a wildcard (again not that secure I know) however It seems too much of a coincidence.
Could someone have tried to put a new SSL on this domain without my authorisation:?
Could a standard external domain certificate override an existing one - as it simply does not need authorising that you are the domain holder right
Since re-enabling the wildcard - I have no got the "pad" however on my CMS's. namely one of the CMS's is insecure under a particular admin but secure with another admin. Its very strange. I am currently doing a "better search replace" to see if there are issues.