When you're planning a new product for your B2B SaaS company, getting input for features from your internal team can set a solid roadmap for growth....
How to set up your SSL naked domain redirect on HubSpot
If you’re having problems with your naked/root domain or you just migrated your website and you're tangled in the technical mess of setting up your domain DNS, redirects, URLs, etc, this article is for you.
As a company, you want your website to be available to everyone, and having these problems with your domain will not allow that to happen. Imagine someone who just remembered you and goes to a browser and types in your domain "theperfectcompany.com" looking for your website, and they get a never loading screen or an error message directly. What a shame!
They may think you’re not the perfect company anymore. So let us help you make sure that doesn't happen.
HubSpot basics before you set up any redirects
In case you're new to HubSpot and handling this technical stuff, here are some basic concepts you should know:
What’s a root/naked domain?
When you register a domain name, you register what is known as the root domain, also called a naked domain. An example is “theperfectcompany.com” but without the “www” subdomain, "theperfectcompany" is the name you've chosen, and ".com" is the extension.
What are HTTP/HTTPS protocols?
These are the primary protocols used to send data between a web browser and a website. The difference between the two is that HTTPS (HyperText Transfer Protocol Secure) is the secure version of HTTP. HTTPS is encrypted in order to increase the security of data transfer.
This is particularly important when users transmit sensitive data, such as logging into a bank account or email service. Any website, especially those that require login credentials, should use HTTPS.
What’s an SSL certificate?
An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and encrypts information sent to the server using SSL technology. It serves as an electronic passport that establishes an online entity's credentials when doing business on the Web.
When a user attempts to send confidential information to a Web server, the user's browser accesses the server's digital certificate and establishes a secure connection.
Solving the challenge—Secure Naked Domain redirect on HubSpot
If you’re hosting your website on HubSpot, let’s start reviewing the process to connect your domain to make sure you have it set up the right way, using the HubSpot guide.
Now comes the tricky part. When connecting your domain, HubSpot will initially handle the subdomain we set—let's say “www”—and automatically add the SSL certificate. So we end with our website live as https://www.theperfectcompany.com. That’s the address where we always want to get to.
Since we already have the SSL certificate set by HubSpot, even when searching for just http://www.theperfectcompany.com you will get redirected to the final HTTPS link (https://www.theperfectcompany.com). With that, we solved our subdomains.
Now, we need to make it so that when someone types on their browser just “theperfectcompany.com” they will get to the same https://www.theperfectcompany.com. All we need to do is connect the root domain to HubSpot, but as a redirect domain. The HubSpot guide can help you here again.
By following these steps, we now “delegated” our root domain to HubSpot to make all the necessary adjustments. This works almost the same as for the subdomain. HubSpot will set the SSL certificate as well as the domain forwarding, so we can go from theperfectcompany.com or https://theperfectcompany.com to our same final subdomain address where our site is hosted. Now, everything is covered and working perfectly!
Setting up the redirect without HubSpot
If for any reason you cannot have your root domain connected to HubSpot or if you’re not using HubSpot at all (going against God’s will), you can still make this work in two ways: configuring your own DNS provider or using a third-party tool.
1. DNS solution
After having bought your domain name, you need to have an active SSL certificate. You can buy these on the same DNS provider and set it for your domain. Usually, a chat with support is enough for them to install it for you, so you just need to worry about the actual redirect. If you bought a hosting plan along with your domain, you probably got an SSL certificate included, so make sure to check that.
Then, on the DNS settings, you should find a “Domain Forwarding” option. There, you just need to set the final address where your site is hosted, whatever that is (like www.theperfectcompany.com in HubSpot's case). What this does, is set the redirection from http://theperfectcompany.com to your actual site. The trick and the why for the SSL is so you can also reach your actual site from https://theperfectcompany.com. If you’re missing this, you’ll never get redirected to your site from your root domain using a secure protocol, and that’s no bueno.
2. Third-party solution
If you don’t have an SSL certificate, and you don’t want to get one, there are multiple free services to solve this problem, like NakedSSL, EasyRedir, or redirect.pizza. These add up the SSL for you and set up the desired redirect. If you need support materials for redirect.pizza, check out these resources. Additionally, redirect.pizza has a how-to for you to reference.
You can also use a DNS provider that allows you to securely redirect the root domain. It is recommended that you contact your prospective DNS provider directly before purchasing their services to ensure that they can provide the functionality.
Also, if you're a more advanced user or you have an IT team, you can purchase a server, install an SSL certificate on that server and configure this server to forward traffic from the secure application domain.