Someone generated a certificate


#1

Hi, last night my website started accepting only HTTPS connection? I have changed nothing, it appears to have a signed by a ‘Lets Encrypt’ certificate, i did not do this…who did and how?? Any help would be appreciated, thanks

My domain is: cookconcise.ltd

My web server is (include version): Joomla 3.8.12


#2

Who’s your hosting provider? Because they probably did this.


#3

yay.com…provide the DNS i called them they have no idea…I am hosting the very small website


#4

Well, Let’s Encrypt didn’t issue a certificate on their own, and they certainly didn’t configure your website to use it. And if your site is showing secure with the Let’s Encrypt cert, that pretty well rules out anything malicious. So either this is something you did yourself, something your software did on its own, or you have someone else managing your site who did it.


#5

Hi @neildsb,

I think you should try to escalate this question with the Yay support folks. The account that issued a certificate for this domain has a contact address associated with this company.


#6

Hi @neildsb

your site doesn’t work. There is an iFrame - element with

http://10cinderhill-btptbncjpg.dynamic-m.com/joomlaCMS

as src, but this site doesn’t work. And the </body></html> is missing, so Firefox shows nothing.

Is this your url?

Or is your Joomla hacked?


#8

I have Web forwarding configured, the url is correct…Its all been working for about a year or so…


#9

Where did you configure web forwarding? Who operates it?


#10

I used web forwarding with Yay.com


#11

Yep - FireFox blocks the http - content. So the combination

https://cookconcise.ltd/ + iFrame from http://10cinderhill-btptbncjpg.dynamic-m.com/joomlaCMS/

doesn’t work.


#12

I do not have a static address for an ‘A’ Record, hence i web fwd to a DDNS. its really strange not sure why its suddenly stopped working


#13

You should

  • remove the certificate https://cookconcise.ltd/ or
  • add a certificate at http://10cinderhill-btptbncjpg.dynamic-m.com/

The combination is the problem.


#14

really appreciate everyone help and support, one problem… i did not add the certificate to remove…unless I am missing something.


#15

thanks found the culprit, Yay.com added the certificate and the combination of Chrome 69 has resulted in the perfect storm, have changed the fwd policy removed the iFrame mask, thanks again Neil


#16

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.