Www or naked domain

My domain is:
greenfees.com

I ran this command:
www.greenfees.com

It produced this output:
Sorry, the page you were looking for does not exist or is not available.

My web server is (include version):
Apache 2 something?

The operating system my web server runs on is (include version):
Debian 9.9

My hosting provider, if applicable, is:
AWS

I can login to a root shell on my machine
Yes

I’m using a control panel to manage my site
No

The version of my client is
certbot 0.28.0 from certbot --version

I have not added www as a subdomain to DNS
I know that if I add it, the page will be found… problem solved BUT

I wonder if I need to make any changes with Lets Encrypt and if so what do I need to do?
Currently I have a certificate for greenfees.com and all is well :slight_smile:
Will I need an additional certificate for www.greenfees.com?

1 Like

Hi @TheBruce

you need a certificate with the www domain name.

But the easiest solution:

  • Create the DNS A / AAAA entry www -> same ip address
  • add the www as ServerAlias / server_name to your port 80 vHost
  • same with your existing port 443 vHost
  • create one certificate with both domain names, perhaps use the --cert-name to overwrite your existing certificate
  • then add a redirect https + not preferred version -> https + preferred version

You can create two separate vHosts (port 80, non-www and www), same port 443 and two different certificates. But it’s easier to have such a “two in one solution”.

1 Like
  • Create the DNS A / AAAA entry www -> same ip address
    I can do this with DNS…I have done it before many years ago.

  • add the www as ServerAlias / server_name to your port 80 vHost

  • same with your existing port 443 vHost
    Do I do this in Apache? Command suggestions?

  • create one certificate with both domain names, perhaps use the --cert-name to overwrite your existing certificate
    I can do this with SSH. Will it effect my cron process?

  • then add a redirect https + not preferred version -> https + preferred version
    Where do I do this and how?

Thanks
Ger

1 Like

Start with the first step, then recheck your domain to see, if it works - https://check-your-website.server-daten.de/

Port 443 ServerAlias - same as port 80.

If you use the certificate with both domain names, you can delete (certbot delete) the certificate with one domain name. But that’s the last step.

Recheck your domain - then read the output, there are samples.

1 Like

Wow!!
That’s some check on the server. Impressed!

I am torn on adding www My research shows it old school and not best for branding…

My existing code uses www everywhere under the greenfees domian.
I added it using awk as I remember.
I can take it out again … using an awk script I suppose.

Or keep www in my code and make the changes suggested.

What are your thoughts on www?
I am inclined to go naked…

Your thoughts would be appreciated…
Thanks
Ger

1 Like

I note the check stated:
good: one preferred version: non-www is preferred

1 Like

These are two different things.

  • There are some users, they add always www. Other users add never www. So both versions should be defined (if it is a main domain, not a subdomain) with dns entries, vHosts, correct certificates.
  • Then add correct redirects, that’s your “branding question”. There is no general rule, sometimes it’s country-specific (in Germany, www is the standard, other countries - non-www).
  • But it’s important that all users and search engines see the same https version and that all paths to that version work without errors (certificate errors, dns errors, not defined vHosts).
1 Like

Also old school (but an awesome tool!).

I am on LightSail
Lightsail doesn’t currently support IPv6 so AAAA will not work.
Looking at other options now…

I am still researching here.
So CNAME is my option for adding www.greenfees.golf?
Do I still need an individual certificate for www?
Meaning I execute the certbot command you mentioned ? --cert-name

If your current environment doesn't have an ipv6 connection, you shouldn't create a (then wrong) AAAA entry.

You can use a CNAME or an A entry, same ip.

Already answered - please read

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.