Membership is FREE, giving all registered users unlimited access to every Acorn Domains feature, resource, and tool! Optional membership upgrades unlock exclusive benefits like profile signatures with links, banner placements, appearances in the weekly newsletter, and much more - customized to your membership level!
Sedo Global Domain Report

HTTPS or staying with HTTP?

Are you upgrading to https?

  • Yes

    Votes: 10 100.0%

  • No

    Votes: 0 0.0%
  • Total voters
    10
I think most people will wont they ? It's been a ranking factor for a while I thought now ? Certainly anything that involves payment needs it.
 
We don't have a choice. Google has spoken. We are just subservient little cash cows and should know our place.
 
I was at a conference on Tuesday where they spoke about GDPR. Apparently encryption is not a requirement of GDPR, but companies need to be able to demonstrate reasonable effort to mitigate privacy breaches, else if they are investigated by the ICO they are more likely to be liable to fines. I therefore assume that SSL will become all the more important from that perspective even if you don't care about Google's recommendations from an SEO perspective.
 
Yet if you have a single page with no input boxes you *still* need an SSL certificate.....
 
Why should someone who doesn't gather any data or have any input move to https? Because google tells you to?.... People shouldn't all so blindly follow and quote someone forcing them to make unnecessary changes. It's frightening how malleable people have become.
 
Why do you need to 'gather trust and have security' for a static one page site not receiving any input?
 
So basically someone who wouldn't have a static one-page site with no input? So really there is no actual need to 'gather trust and have security' is there?
To me it's the same as the government saying that as of tomorrow *everyone* has to wear wellington boots, a raincoat, and take an umbrella out every day because somewhere in the world it is raining. Oh and if you don't you'll be put in jail. Some people would be happy with that I guess.
The point is *choice*. When that is taken away for everyone for no benefit and some people think that's a good thing I worry. Especially when they don't seem to understand what's behind it.
 
RobM said:
Why do you need to 'gather trust and have security' for a static one page site not receiving any input?
Click to expand...

You don't, that's entirely your decision as the website owner. But as of July this year all mainstream browsers will mark "ANY" website, whether its a single page with no form fields in or not...As not secure. If you are in any niche where there is a chance of a customer being spooked by such warnings then its advisable to switch.
 
You realise there's no need to do that? You're ok with that? BTW we won't even get into letsencrypt and how half the time their automatic updates don't work causing you actual downtime you don't need for a certificate you don't need. I'm sure in a few years the only certificates that will be acceptable are googles own... and they won't be free. You can already see how they're heading with their built-in adblock and still people are ok with that. Scary.
 
And yet they won't reject them when forced to do other things...clearly.
 
RobM said:
You realise there's no need to do that? You're ok with that? BTW we won't even get into letsencrypt and how half the time their automatic updates don't work causing you actual downtime you don't need for a certificate you don't need. I'm sure in a few years the only certificates that will be acceptable are googles own... and they won't be free. You can already see how they're heading with their built-in adblock and still people are ok with that. Scary.
Click to expand...

I realise there is no need, I'm ok with you not wanting to do it, you have your reasons.....I couldn't give a monkeys who wants to and who doesn't want to. But if someone wants an opinion from me, and I think it would be of benefit to them in some way or another. I personally won't be saying "no don't do that, you'll be seen as a sheep by that Rob bloke at acorn.":p

Best part of two years and hundreds of websites later, I've never seen a problem with their auto renewals that's been through fault of Let's encrypt, the few that did experience auto renew problems were faults with my configuration mishap when moving expired paid certs to Lets encrypt. Maybe I was just lucky :rolleyes:
 
We have been https ing our sites rapidly. Had a few people comment that they were not and that is from general public which surprised me.

For the sake of what it takes it is a no brainer. In my niches 90% of sites that rank have https and I expect that to increase. Not suggesting every site does it but if in doubt I would do it.

N.b. make sure you do it properly! We didn't see any temporary ranking drops or gains so far.
 
Basically they have problems with htaccess files that redirect http to https. They can't get their authorisation through to be read sometimes. It's easily fixed - you move the htaccess file, rerenew, then move it back. However it is tiresome as it's not always and not on every server. This is a known problem. If you don't catch it though you can have sites not resolving until you manually renew. Pointless poll though really as you don't have a choice - some people like not to have a choice. I've always been a bit more discerning about my time and the reasoning behind unnecessary external uses of it. Still no probs - as my time investment increases I'll simply raise prices to cover it. I'm sure people won't mind..... they don't seem to bother about things.
 
RobM said:
Basically they have problems with htaccess files that redirect http to https. They can't get their authorisation through to be read sometimes. It's easily fixed - you move the htaccess file, rerenew, then move it back. However it is tiresome as it's not always and not on every server. This is a known problem. If you don't catch it though you can have sites not resolving until you manually renew. Pointless poll though really as you don't have a choice - some people like not to have a choice. I've always been a bit more discerning about my time and the reasoning behind unnecessary external uses of it.
Click to expand...

Must depend on the redirect/rewrite, not had that problem myself. For reference this is the redirect I use on the majority of sites for https
Code: 
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domainname.com/$1 [L,R=301]
 
FWIW I share RobM's weary resignation about this.Of course any website collecting sensitive data should use SSL, and there's a pretty strong case for the current situation of browsers warning people of an insecure connection when entering any data into a form.

But an entirely static website that does not send any data at all? Chrome will claim that a non-SSL site is insecure, when it is neither secure nor insecure. Website owners are being strong-armed into SSL based on a non sequitur.

And as Rob pointed out - Let's Encrypt might be free, but it's not without cost. How many domain outreach emails could one send in the time it takes to set up and maintain LE (or any other SSL solution)?

Interestingly, the Search Engine Land article that Adam linked to also mentions that mobile site speed is becoming a stronger ranking signal. Given that SSL negotiation is one of the biggest lags in a page load time, which factor will win out? Static, non-data-submitting-site owners are penalised for trying to make the web a faster place.

But yes, my sites have all been migrated to SSL, whether or not data are being transmitted :sigh:
 
tocku said:
Interestingly, the Search Engine Land article that Adam linked to also mentions that mobile site speed is becoming a stronger ranking signal. Given that SSL negotiation is one of the biggest lags in a page load time, which factor will win out? Static, non-data-submitting-site owners are penalised for trying to make the web a faster place.
Click to expand...

https is faster than http unless your running some pretty old server config. http://www.httpvshttps.com/

tocku said:
And as Rob pointed out - Let's Encrypt might be free, but it's not without cost. How many domain outreach emails could one send in the time it takes to set up and maintain LE (or any other SSL solution)?
Click to expand...

What cost ? If you are using something like Cpanel most hosts already have it readily available and takes less than 10 seconds to activate. If you manage your own server and use cpanel you can run the following from SSH which takes seconds :

Code: 
/scripts/install_lets_encrypt_autossl_provider

You then configure it to AutoSSL and again it then takes any Cpanel account enabled to install it in 10 seconds. What costs are you speaking of ? Even without Cpanel it doesnt take long to setup
 
You must log in or register to reply here.

Similar threads

it.com
it.com Why Is Your Website Traffic Down? 5 Ways To Analyze And Fix Traffic Drops
Replies
0
Views
229
it.com
it.com
it.com
it.com Launching Websites for IT Startups: Design, Content and Testing Tips for Success
Replies
0
Views
94
it.com
it.com
it.com
it.com How To Launch a Website for an IT Startup: A 3-Step Guide
Replies
0
Views
213
it.com
it.com
it.com
it.com How to Choose a Domain Name for a Personal Blog
Replies
0
Views
283
it.com
it.com
it.com
it.com How to Optimize Information Displayed about a Website in Google Search Results
Replies
0
Views
290
it.com
it.com
Domain Summit Europe 2025

The Rule #1

Do not insult any other member. Be polite and do business. Thank you!

Members online

Total: 297 (members: 9, guests: 288)
IT.com

Premium Members

Sedo Global Domain Report
Aucdom Auctions
Catch Club
dot Hiphop

Latest Comments

Upcoming events

New Threads

Domain Forum Friends

DNForum
ConsultDomain.de
Domaineforum.fr
Domainforum.ro
DN.ca
DomainFragen.de
Inforum.in

Our Mods' Businesses

DomainUI Mod
*the exceptional businesses of our esteemed moderators
General chit-chat
Help Users
  • No one is chatting at the moment.
      There are no messages in the current room.
      Top Bottom