No HTTPS Redirect
The server does not redirect HTTP to HTTPS.
Severity: Warning
What does this mean?
When DNS Watchdog connected to this endpoint over plain HTTP (port 80), the server responded with content instead of redirecting to HTTPS (port 443). This means visitors who type the domain without https:// or follow an old HTTP link will have their traffic sent unencrypted.
Why this is a problem
HTTP traffic is completely unencrypted. Anyone on the network path (ISPs, Wi-Fi operators, attackers on public networks) can read and modify the traffic. This includes login credentials, cookies, and any data submitted through forms. Without an automatic redirect, users may unknowingly use the insecure version of the site.
What you should do
- Configure the web server to redirect all HTTP requests to HTTPS (a 301 permanent redirect)
- In Nginx: `return 301 https://$host$request_uri;`
- In Apache: `Redirect permanent / https://yourdomain.com/`
- If using a load balancer or CDN, configure the redirect there
- Consider adding the HSTS (HTTP Strict Transport Security) header to tell browsers to always use HTTPS
- Ensure a valid SSL/TLS certificate is installed before enabling the redirect
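To confirm the redirect after changing the configuration, the following added example (not DNS Watchdog's own check) classifies the response a server gives on port 80. The names `classify`, `fetch` and `SAMPLES`, the verdict labels, and the treatment of 308 as permanent and 302/303/307 as temporary are assumptions made for this example.

```python
import http.client
from urllib.parse import urlsplit

PERMANENT = {301, 308}       # assumption: 308 accepted alongside the recommended 301
TEMPORARY = {302, 303, 307}  # redirects, but not cached by clients as permanent

def classify(status, headers):
    """Judge the response to a plain-HTTP (port 80) request.

    Returns (verdict, reason) with verdict in {"ok", "warn", "fail"}.
    """
    headers = {k.lower(): v for k, v in headers.items()}
    if status not in PERMANENT | TEMPORARY:
        return "fail", f"status {status}: answered over HTTP without redirecting"
    location = headers.get("location", "")
    # A relative or http:// Location keeps the visitor on the unencrypted site.
    if urlsplit(location).scheme != "https":
        return "fail", f"redirect target {location!r} is not an https:// URL"
    if status in TEMPORARY:
        return "warn", f"status {status} is temporary; use a 301 permanent redirect"
    return "ok", f"permanent redirect to {location}"

def fetch(host, path="/", timeout=5):
    """Send one GET over plain HTTP without following redirects."""
    conn = http.client.HTTPConnection(host, 80, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, dict(resp.getheaders())
    finally:
        conn.close()

# Constructed sample responses (not captured from a real server).
SAMPLES = {
    "content served": (200, {"Content-Type": "text/html"}),
    "redirect stays on http": (301, {"Location": "http://www.example.com/"}),
    "relative redirect": (301, {"Location": "/home"}),
    "temporary redirect": (302, {"Location": "https://example.com/"}),
    "correct": (301, {"location": "https://example.com/login?next=%2F"}),
}

if __name__ == "__main__":
    for name, (status, headers) in SAMPLES.items():
        print(f"{name}: {classify(status, headers)}")
```

For a live check, pass the result of `fetch("yourdomain.com")` to `classify`, for example `classify(*fetch("yourdomain.com"))`.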