http://domain vs https://domain resolves to different domains
i notice that accessing sites with (presumably) no ssl cert using https instead of http often results in loading a page from a completely diff site. for example, http://tgoresort.com results in a page about an rv resort in florida, while https://tgoresort.com loads a page about shoe inserts. (depending on your viewpoint, i guess that could be amusing... :-)
the links on the bogus page sometimes point to the correct page by name (but with https prepended), and sometimes point to the bogus domain. i would assume that is due to relative pages vs fully specified pages.
http://myrtleBeachGolfmasters.com is a page about discount golf in s. carolilna, while https://myrtleBeachGolfmasters.com loads a page from corbera networks. most links on the page point to corbera networks, but the "mas informacion" link points to https://myrtleBeachGolfmasters.com, and loads a page from corbera.
nslookup gives the same answer for both:
$ nslookup https://www.tgoresort.com
Server: 66.82.4.8
Address: 66.82.4.8#53
Non-authoritative answer:
Name: https://www.tgoresort.com
Address: 63.251.179.5
Name: https://www.tgoresort.com
Address: 8.15.7.110
$ nslookup http://www.tgoresort.com
Server: 66.82.4.8
Address: 66.82.4.8#53
Non-authoritative answer:
Name: http://www.tgoresort.com
Address: 63.251.179.5
Name: http://www.tgoresort.com
Address: 8.15.7.110
while whois gives diff answers:
$ whois 8.15.7.110
Level 3 Communications, Inc. LVLT-ORG-8-8 (NET-8-0-0-0-1)
8.0.0.0 - 8.255.255.255
Co-Location.com Inc. LVLT-COLOC-1-8-15-7-96 (NET-8-15-7-96-1)
8.15.7.96 - 8.15.7.127
$ whois 63.251.179.5
Internap Network Services Corporation NETBLK-PNAP-11-99 (NET-63-251-0-0-1)
63.251.0.0 - 63.251.255.255
Internet Search Services INAP-DEN-INTERNETSEARCH-16
63.251.179.0 - 63.251.179.63
the question: is this normal, acceptable behavior? should the https:// ref result in some kind of error msg?
the links on the bogus page sometimes point to the correct page by name (but with https prepended), and sometimes point to the bogus domain. i would assume that is due to relative pages vs fully specified pages.
http://myrtleBeachGolfmasters.com is a page about discount golf in s. carolilna, while https://myrtleBeachGolfmasters.com loads a page from corbera networks. most links on the page point to corbera networks, but the "mas informacion" link points to https://myrtleBeachGolfmasters.com, and loads a page from corbera.
nslookup gives the same answer for both:
$ nslookup https://www.tgoresort.com
Server: 66.82.4.8
Address: 66.82.4.8#53
Non-authoritative answer:
Name: https://www.tgoresort.com
Address: 63.251.179.5
Name: https://www.tgoresort.com
Address: 8.15.7.110
$ nslookup http://www.tgoresort.com
Server: 66.82.4.8
Address: 66.82.4.8#53
Non-authoritative answer:
Name: http://www.tgoresort.com
Address: 63.251.179.5
Name: http://www.tgoresort.com
Address: 8.15.7.110
while whois gives diff answers:
$ whois 8.15.7.110
Level 3 Communications, Inc. LVLT-ORG-8-8 (NET-8-0-0-0-1)
8.0.0.0 - 8.255.255.255
Co-Location.com Inc. LVLT-COLOC-1-8-15-7-96 (NET-8-15-7-96-1)
8.15.7.96 - 8.15.7.127
$ whois 63.251.179.5
Internap Network Services Corporation NETBLK-PNAP-11-99 (NET-63-251-0-0-1)
63.251.0.0 - 63.251.255.255
Internet Search Services INAP-DEN-INTERNETSEARCH-16
63.251.179.0 - 63.251.179.63
the question: is this normal, acceptable behavior? should the https:// ref result in some kind of error msg?
ASKER
sorry to take so long to get back -
well, actually i understand the protocol://host-addr concept. it seems that both http://host-addr and https://host-addr should resolve to the same machine, just diff ports, and if there is no cert for a particular page, the 443 port should cough up a message, not serve up some (random?) page. it would seem that somewhere in the port/socket/ssl/web server chain it would be determined that no cert exists for that combo, and something like a 404 msg should result.
why/where is tgoresort:443 associated with footpain (if you'll pardon the expression)? where is this association made?
why are there two dns A records for http://www.tgoresort.com but only one for www.tgoresort.com?
nslookup www.tgoresort.com responds with a single address, while
http://www.tgoresort.com responds with two. dig gives similar results.
despite its compliance with the specs, it "feels" ugly. i assume the only way to avoid such behavior is to provide a cert for the page i don't want (for lack of a better word) mangled.
tnx
well, actually i understand the protocol://host-addr concept. it seems that both http://host-addr and https://host-addr should resolve to the same machine, just diff ports, and if there is no cert for a particular page, the 443 port should cough up a message, not serve up some (random?) page. it would seem that somewhere in the port/socket/ssl/web server chain it would be determined that no cert exists for that combo, and something like a 404 msg should result.
why/where is tgoresort:443 associated with footpain (if you'll pardon the expression)? where is this association made?
why are there two dns A records for http://www.tgoresort.com but only one for www.tgoresort.com?
nslookup www.tgoresort.com responds with a single address, while
http://www.tgoresort.com responds with two. dig gives similar results.
despite its compliance with the specs, it "feels" ugly. i assume the only way to avoid such behavior is to provide a cert for the page i don't want (for lack of a better word) mangled.
tnx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yeah, prevostpilot . . . what kind of nslookup tool are you using. I have vista, w2k, w2003 server, and Centos and they all fail with a non-existent or NXDOMAIN when I try and prepend http or https to the lookup.
I think McNetic is correct pointing to multiple domains hosted on a single server. The whole point of virtual hosts is to allow this behavior . . . if you think it seems socially aberrant I'd have to agree, there's something just wrong about having one IP serve pain and vacations.
I think McNetic is correct pointing to multiple domains hosted on a single server. The whole point of virtual hosts is to allow this behavior . . . if you think it seems socially aberrant I'd have to agree, there's something just wrong about having one IP serve pain and vacations.
You have a slight misunderstanding of the dns system and the http protocol:
DNS is only about host name to ip adress mapping, that is tgoresort.com resolves to 66.193.232.25 currently (for me, as dns entries are cached for a few days usually, this can differ on different name servers. Additionally, there exists dns round robin which gives different ips to different requests).
The http or https scheme is just something your browser interprets: depending on which one is used, it tries to build a normal http or secured https connection, and default port is 80 for http and 443 for https.
As both requests go to different ports on the same webserver (with the ip mentioned above), the server can serve different content to the those two URLs. If now absolute links are set to http://... from https://... or vice versa, the browser will then query the other port and get different (unexpected) content.
This issue always happens on web servers serving multiple domains on a single ip address: for the http protocol, this works without problems, as the request sent by the browser contains the domain name, so the server can decide which domain to server the pages from. On the other hand, when using https, the connection has to be encrypted before exchanging any data, so it is only possible to use one single https certificate on one ip address. In this case, it is the certificate of www.footpain.com, so the web server has to assume the client wants to go to said site, and displays the content of www.footpain.com although the typed in domain is tgoresort.com.