# Not sure about a website's SSL security



## qubit (Jan 16, 2022)

I wanted to submit one of my unused domains that I no longer want to the website below that I happened to come across to see how much they think it's worth which requires submitting personal information and may or may not use them. I'd have to research the market for this kind of website first.






						DotWhat – Domain Acquisitions, Domain Appraisals & Strategical Social Media Advise
					






					dotwhat.com
				




However, Firefox shows the following warning:






and:





Firefox doesn't show a warning like this on other sites such as TPU, Google, my site and others, so I'm pretty sure it's working ok and I have the latest version installed. I get the same warning when I start it with all add-ons disabled, too.

Clicking on View Certificate does show what looks like a valid Let's Encrypt certificate, though.

However, a warning like that puts me off entering my personal details as not worth the risk, but, Chrome, Edge and Brave think the site is ok as per the screenshot below and don't give warnings, hence a couple of questions:

1 Why is there a discepancy between browsers?

2 Do you think it's safe to submit my personal info to this website?


----------



## W1zzard (Jan 16, 2022)

mixed content


----------



## qubit (Jan 16, 2022)

Yes, that's what Firefox was reporting in the popup dialog box before my first screeshot - forgotten to mention it, silly me. I'll familiarise myself with that developer mode.

Question then is why aren't the other browsers warning of this.

I think I'll steer clear of this website.


----------



## silentbogo (Jan 25, 2022)

It's just a misconfigured WP (or they are using a f#$%ed up caching plugin, same issue I had to fix for some weirdo-professor just before christmas). 
But in either case - I wouldn't deal with these dudes. If they can't take care of their website, imagine how much effort do they put into working with customers


----------



## Solaris17 (Jan 25, 2022)

qubit said:


> Question then is why aren't the other browsers warning of this.



they do, but they attempt to automatically upgrade.



			https://tdepix.io/pictures/chrome_a37HzIwffe.png
		


In your case the resource seems to have been hard coded as "http" but was actually reachable via https, since the browser could automatically correct the security there was no need to warn.


----------



## qubit (Jan 26, 2022)

Interesting, thankyou @Solaris17. First time I've come across a thing like this.


----------



## Jism (Feb 19, 2022)

If you migrate a "http" website to "https" you have to change all the belonging resources to https as well; i.e "http://fonts.google.com" to "https://fonts.google.com" or even better, change http:// to simply // and let the browser decide it.


----------

