- Joined
- Oct 18, 2013
- Messages
- 8,960
HTTPS is not about preventing hacking per say, it's about securing the data transmitted on your site. http://www.biztechmagazine.com/article/2007/07/http-vs-https
Since hacking is defined as "using a computer to gain unauthorized access to data in a system", such breaches could be called hacking.View attachment 42549
HTTPS is not about preventing hacking per say, it's about securing the data transmitted on your site. http://www.biztechmagazine.com/article/2007/07/http-vs-https
Perhaps the article is better titled as the easy things to check when switching to https. I was a bit surprised that it didn't mention the technical parts of https setup. To anyone seeking to move - just perform an SSL server test on a failed site such as a tester like Qualys and you'll begin to understand the problems. There are speed issues, ciphers, vulnerabilities which must be patched/turned off, unsecured content, etc. After switching you may find pages loading at a noticeably slower speed. Not only can it harm your SE performance but it will annoy your users. 301 redirects and link issues are more easily solved.Honestly it is a terrible article , lacks tons of other important things to check
Gary is an amazing guy, brilliant and very careful about being accurate. When he says so, I believe him.Actually, no. Watch the video all the way through and he specifically says that as long as you 301 there will be no loss of pagerank.
Further: Google's Gary Illyes confirms that any 301, 302, 3xx redirect does not lose any PageRank value.
http://searchengineland.com/google-no-pagerank-dilution-using-301-302-30x-redirects-anymore-254608
Early on it was stated that the https ranking would only impact a certain percentage of sites and impact may be difficult to measure because you're never sure you're comparing apples to apples unless you're in Google. But look at Zineb's article here too: https://webmasters.googleblog.com/2015/12/indexing-https-pages-by-default.html There is definitely an initiative to move forward with "https everywhere" - although that doesn't mean it's as urgent as many other items on your list. It appears they are moving forward slowly and carefully because major changes can impact many things, people, variables, etc. Still something to certainly keep an eye upon.But they ran a test between two sites, or something. They went into it pretty in-depth testing it out and came back with that result, less than 1% gain. Also keep in mind if showing ads on a forum that it's better to use HTTP and not SSL, as you have fewer bidders available to show ads on your forum for higher pay rates. Things like that work against switching to SLL really at this time. You also have god knows how many sites paying Google to get a higher ranking as well, something else to consider when thinking using SSL gives you any real 'worthwhile' edge
Matt Cutts I read doesn't work for Google anymore. Dunno?
http://searchengineland.com/matt-cutts-extends-his-unpaid-leave-with-google-through-2015-223951
Perhaps because they either don't know or previously used normal http. So got more worried about losing some 'page rank' than they do about security.
I can't tell you the last time I read about a forum being hacked because it didn't use SSL. And yet there are countless forums hacked every day due to old versions of software, bad file permissions, social engineering, insecure plug-ins, improper user permission settings, etc.
Exactly my thoughts.
I honestly dont care.
smirkley said:We are back now, and we are slowly regaining our traffic and google listings, but that is primarily the result of changing everything including adding ssl.
It has been a miserable year.
HTTPS for me is all about web performance and page speed. HTTPS via HTTP/2 benefits page speed as does using HTTPS allows web servers that support Brotli content encoding compression to serve smaller static file sizes than the regular default gzip/deflate content encoding compression to web browsers that support Brotli https://community.centminmod.com/th...algorithm-coming-to-chrome-browser-soon.5806/
For me on js files it's between 7-25% smaller file sizes on Brotli (br) vs Gzip (gzip) and for css files up to 10-33% smaller files. Smaller size = faster page loads
My forums on my own Centmin Mod Nginx web server built with Brotli support in latest beta, https://community.centminmod.com/ uses Brotli compression for web browsers that support it and fall back to default Gzip compression for web browsers that do not support it
View attachment 42578
Xenforo js files ~19.7% to ~20% smaller via Brotli compression compared to Gzip compression
View attachment 42579
FYI, brotli compression is only supported over HTTPS
The ssl switch was added during the rebuilding from a major crash as part of the rebuild process.Question, what did the SSL switch contribute to the misery, verses splitting that out from the other issues at the time?
you caught me messing and tweaking the styleJust looked at your forum and images are not showing up, I'm using FireFox.
There is definitely an initiative to move forward with "https everywhere" - although that doesn't mean it's as urgent as many other items on your list. It appears they are moving forward slowly and carefully because major changes can impact many things, people, variables, etc. Still something to certainly keep an eye upon.