How do I disable HTTPS on Heroku

Question

I created a site and put it on Heroku. I then added a custom domain (e.g. \"site.example.com\") in the Heroku control panel and I pointed the DNS to my Heroku address. This work

Answer 1

This may not be the best practice but nevertheless if you desperately want to force "NO-SSL", then you may do it via JavaScript code as follows.

 window.onload=function(){
     $(function(){
         if(window.location.protocol==="https:")
             window.location.protocol="http";
     });
 }

Answer 2

Unfortunately, you can't prevent someone from attempting to access your site via SSL. That is to say that anyone can simply add https to to beginning of ://site.example.com. I would recommend that you open a support ticket to allow the Support team to look into your current configuration. Unfortunately, the Piggyback SSL that exists at *.herokuapp.com for Cedar apps bleeds through unless you have your own SSL certificate that is specified using the ssl:endpoint add-on.

The fact is, even if the Piggyback SSL wasn't in place, your visitors would still receive an error when going to the SSL version of your site. You might consider purchasing a seriously cheap SSL cert from some place like Namecheap (looks like you can pick up a super-simple cert for $8/yr) JUST to get rid of the errors. You can then enforce redirection to the non-SSL version of your site and all is well!