Custom domains, www vs root, http vs https

Thanks for posting all of this, I’m following along to see what ends up working and not working so I can make sure we update our help doc about this. It’s often hard to tell what the issue is because DNS propagation times are always so arbitrary.

2 Likes

HI @dreev,

Jenn shared your post with me. Setting up custom domains can be tricky - especially since each domain registrar may have a slightly different ui for dns config - but here is what I have found typically helps when you want to set up both an example.com and www.example.com:

  1. Set up an A Record for example.com first, using the instructions that can be found at the bottom of our custom domains help article.
  2. Then, set up the CNAME for www.example.com and point it to example.com.

Let me know if this helps.

1 Like

FYI server websockets don’t work if you use custom domains

Oh ho! I figured I should avoid this since it requires hardcoding the IP (50.31.246.1), which seemed (at least theoretically) fragile.

But happy to try it!

Oof, unfortunately this seems to have immediately broken all 4 variants, which give an immediate DNS_PROBE_FINISHED_NXDOMAIN error now.

:sob:

Ah, sounds like that’s being discussed in WebSockets do not work on Custom domain? – thanks!

Like Jenn said, its likley a DNS propogation issue. Depending on the host and a few other factors, it can take up to three days for records to update. You can check progress on a website like dnspropogation.net.

https://dnspropagation.net/A/molecall.com

1 Like

The fact that it’s failing everywhere and the TTL was minutes (currently 1 minute) makes me skeptical that I’m just waiting on propagation here. But if no one has other ideas, I shall sit tight for 3 days. If it still doesn’t work by Monday then either @tasha’s instructions are wrong or I misunderstood. (If anything jumps out at you from the screenshot from NameCheap above, let me know!)

PS: I thought of a thing to clarify in @tasha’s instructions. Do I put both the bare domain and the www version in the config on the Glitch side? That’s what I’ve done so far:

image

1 Like

Oh no! Thanks for trying. Based on the screenshot that you posted, there is one thing that you need to fix.

For the CNAME record under Host, it should just say: www
Then for the Value, it should say: molecall.com

And yes, you will need to add both the www version and the bare domain to the Glitch project in the editor. What you have there looks correct.

2 Likes

Ah, thank you! Here’s what I have now:

And it’s been much longer than that 1 minute TTL but I still get DNS_PROBE_FINISHED_NXDOMAIN from all the variants.

1 Like

is there supposed to be a “.” at the end of “molecall.com” ?

what happens if you remove the “.” from the CNAME Value

2 Likes

Namecheap adds that automatically, I’m not sure why but I always try to remove it from mine but it puts it back lol.

4 Likes

Good question, but I infer that it’s supposed to be there because when I remove it, NameCheap automatically puts it back.

1 Like

Interesting, I did not know that. Thanks @dreev and @jenn

@dreev when you started updating the dns config according to the guidance above, did you start from scratch? Or did you edit the existing records on Namecheap from what you had previously?

You may need to delete the records on Namecheap and then try adding them again, starting with the ANAME and then adding the CNAME.

I know that is really annoying - im sorry to put you through all this! But I have found that will typically help.

3 Likes

I’ve seen some guides that say to use something like @ in the name column to control the apex domain. Dunno if that’s consistent with the instructions for namecheap specifically. I mean just from pattern matching, one might wonder if this screenshot says that molecall.com.molecall.com resolves to 50.21.246.1.

2 Likes

I believe I did but I just did so again to be sure.

Oh ho, thank you. You’re right, it should be @ according to Namecheap’s help pages.

This is huge progress! I’m kind of back where I started but with a better error. Namely, everything works except https://molecall.com which gives ERR_SSL_PROTOCOL_ERROR in Chrome and SSL_ERROR_ACCESS_DENIED_ALERT in Firefox. I.e., there’s apparently no SSL certificate for molecall.com?


To review for anyone just tuning in or as a sanity check, here are the steps I’m taking to get my custom domain (molecall.com) to point to molecall.glitch.me and have all four variants (http vs https and www vs root) work:

[instructions moved to final post below]


Results so far:

:white_check_mark: http://molecall.com
:white_check_mark: http://www.molecall.com
:x: https://molecall.com – “secure connection failed”
:white_check_mark: https://www.molecall.com

2 Likes

Oh nice, we’re so close! Okay, so since http is working with molecall.com and https is not, this means the final piece is the SSL cert which is done automatically on the Glitch + Fly.io end. It also sometimes takes time but if you don’t see it working in an hour, try removing “molecall.com” from your Glitch app and re-adding it (don’t touch Namecheap).

4 Likes

:tada:

It works now! Thank you so much for the help, everyone. It looks like Glitch / Fly.io caught up with the missing SSL cert on its own – I didn’t have to delete and re-add molecall.com in the Glitch config.

So I believe my instructions above [now below] are correct and I’m now repeating them for two other domains…

:drum:

And it worked instantly this time!

:white_check_mark: http://____
:white_check_mark: http://www.____
:white_check_mark: https://____
:white_check_mark: https://www.____

I’m now adding some edits and clarifications in the above [now below] instructions. I think it would make sense to incorporate them into the official instructions.

I believe the existing official instructions are great if you have a specific subdomain of your custom domain that you want to use. If not then you’ll surely want both the root domain and the www version to work and of course you’ll want it to work for both http and https. As far as I can tell, only those with a profound understanding of sysadminnery could immediately infer the instructions below from what’s currently in the official instructions. (I mean, I have a PhD in computer science and it was a pretty huge frustration for me to piece it all together!)

Final Instructions

[moved again as I’ve learned new things and to keep it all as a single coherent set of step-by-step instructions! see new final response below.]

Open Questions

  1. Is it fragile to hardcode the IP address? Is there any way to avoid doing so?
  2. What if I’m morally opposed to non-encrypted websites and want the http version to actively redirect to the https version?
  3. Which should be the canonical version of the URL? (I hear it’s important for googly/SEO reasons to pick one and have all others redirect to it.)
5 Likes

I’ve figured out a plausible answer to my open question #3: URL canonicalization aka “rel canonical”. Namely, pick a variant – let’s say https://www.example.com – as the canonical version of the URL and specify it in the header of the HTML like so:

[UPDATE: this is now moved and incorporated into the final instructions below]

I’m tentatively/personally not concerned about open question #2 but I can imagine cases where that matters and you wouldn’t want to let users use a non-SSL’d version of the site.

I’m still nervous about open question #1 – hardcoding the IP address – and would love to hear Glitch folks or other experts weigh in on that.

Thanks again!

1 Like

Final Instructions So You Don’t Have To Wade Through Everything Above

If you have custom domain example.com that you want to point to example.glitch.me, here’s what to do:

  1. Add example.com and www.example.com as custom domains in Glitch. The order doesn’t matter.
Glitch config example screenshot

image

  1. Go to Domain Settings for example.com at your registrar. For Namecheap, choose “Namecheap BasicDNS”. Delete any existing domain redirects.

  2. Go to Advanced DNS settings (as it’s called in Namecheap) and delete any existing records.

  3. Add an A Record with host @ (meaning the root aka apex domain – example.com) and value 50.31.246.2 (the IP address for glitch.edgeapp.net – but check this with any dnslookup or ping service – it has changed before and everything breaks when it does, frustratingly). When testing and changing things, set the TTL to 1 minute. If you expect it to be stable, “Automatic” should be fine.

  4. Add a CNAME record with host www and value example.com. Same story with the TTL. (Note that Namecheap automatically turns example.com into example.com. with a trailing dot, which is expected.)

Registrar example config screenshot (note that the IP address shown is wrong though)

  1. It normally will work now, within like a minute. If it doesn’t, check https://dnspropagation.net/A/example.com to see if the DNS records are propagating. If it doesn’t start working in 3 days then you can definitively rule out “slow DNS propagation” as the culprit.

  2. For SEO reasons you want search engines to know which of the URL variants is the canonical one. This is called URL canonicalization aka “rel canonical”. Namely, pick a variant – let’s say https://www.example.com – as the canonical version of the URL and specify it in the header of the HTML like so:

<head>
...
<link rel="canonical" href="https://www.example.com"/>
...
</head>

That way search engines will not be confused and penalize you for having seemingly the same content duplicated across 4 (actually 6, counting http://example.glitch.me and https://example.glitch.me) different URLs.

  1. Redirect http to https. Doing this server-side is ideal, see full instructions, but for a static site, you can put the following in index.html:
<script>
if (window.location.protocol === 'http:')
  window.location.replace('https'+window.location.href.slice(4))
</script>
2 Likes

Turns out this is incomplete. For some of my projects I really need to automatically redirect from the http version to the https version. I’ve asked about that in a new topic – How to redirect http to https – but intend to update my instructions above when I figure that out. [DONE]

Oof, the IP address changed:

I’ve updated the instructions accordingly.

I’m pretty sad about the downtime I just had from this and if anyone knows how to robustify it, I’d be grateful!