- Oct 18, 2013
Since hacking is defined as "using a computer to gain unauthorized access to data in a system", such breaches could be called hacking.View attachment 42549
HTTPS is not about preventing hacking per say, it's about securing the data transmitted on your site. http://www.biztechmagazine.com/article/2007/07/http-vs-https
Perhaps the article is better titled as the easy things to check when switching to https. I was a bit surprised that it didn't mention the technical parts of https setup. To anyone seeking to move - just perform an SSL server test on a failed site such as a tester like Qualys and you'll begin to understand the problems. There are speed issues, ciphers, vulnerabilities which must be patched/turned off, unsecured content, etc. After switching you may find pages loading at a noticeably slower speed. Not only can it harm your SE performance but it will annoy your users. 301 redirects and link issues are more easily solved.Honestly it is a terrible article , lacks tons of other important things to check
Gary is an amazing guy, brilliant and very careful about being accurate. When he says so, I believe him.Actually, no. Watch the video all the way through and he specifically says that as long as you 301 there will be no loss of pagerank.
Further: Google's Gary Illyes confirms that any 301, 302, 3xx redirect does not lose any PageRank value.
Early on it was stated that the https ranking would only impact a certain percentage of sites and impact may be difficult to measure because you're never sure you're comparing apples to apples unless you're in Google. But look at Zineb's article here too: https://webmasters.googleblog.com/2015/12/indexing-https-pages-by-default.html There is definitely an initiative to move forward with "https everywhere" - although that doesn't mean it's as urgent as many other items on your list. It appears they are moving forward slowly and carefully because major changes can impact many things, people, variables, etc. Still something to certainly keep an eye upon.But they ran a test between two sites, or something. They went into it pretty in-depth testing it out and came back with that result, less than 1% gain. Also keep in mind if showing ads on a forum that it's better to use HTTP and not SSL, as you have fewer bidders available to show ads on your forum for higher pay rates. Things like that work against switching to SLL really at this time. You also have god knows how many sites paying Google to get a higher ranking as well, something else to consider when thinking using SSL gives you any real 'worthwhile' edge
Matt Cutts I read doesn't work for Google anymore. Dunno?
Here's samples of sites NOT using SSL and there's tons more just like them. All in top Alexa ranks and extremely successful. If they're not worried about it, then I'm not either. I have nothing to lose, compared to those who probably bring in more income in a day than many of us do in a month.Perhaps because they either don't know or previously used normal http. So got more worried about losing some 'page rank' than they do about security.
Exactly my thoughts.I can't tell you the last time I read about a forum being hacked because it didn't use SSL. And yet there are countless forums hacked every day due to old versions of software, bad file permissions, social engineering, insecure plug-ins, improper user permission settings, etc.
Come to think of it, not only forums, but also forum users! I can't tell you when the last time I've heard of a forum user being hacked because the forum didn't use SSL. The instances I've heard of where user accounts were compromised its generally compromised by:Exactly my thoughts.
I honestly dont care.
Question, what did the SSL switch contribute to the misery, verses splitting that out from the other issues at the time?smirkley said:We are back now, and we are slowly regaining our traffic and google listings, but that is primarily the result of changing everything including adding ssl.
It has been a miserable year.
Just looked at your forum and images are not showing up, I'm using FireFox.HTTPS for me is all about web performance and page speed. HTTPS via HTTP/2 benefits page speed as does using HTTPS allows web servers that support Brotli content encoding compression to serve smaller static file sizes than the regular default gzip/deflate content encoding compression to web browsers that support Brotli https://community.centminmod.com/th...algorithm-coming-to-chrome-browser-soon.5806/
For me on js files it's between 7-25% smaller file sizes on Brotli (br) vs Gzip (gzip) and for css files up to 10-33% smaller files. Smaller size = faster page loads
My forums on my own Centmin Mod Nginx web server built with Brotli support in latest beta, https://community.centminmod.com/ uses Brotli compression for web browsers that support it and fall back to default Gzip compression for web browsers that do not support it
View attachment 42578
Xenforo js files ~19.7% to ~20% smaller via Brotli compression compared to Gzip compression
View attachment 42579
FYI, brotli compression is only supported over HTTPS
The ssl switch was added during the rebuilding from a major crash as part of the rebuild process.Question, what did the SSL switch contribute to the misery, verses splitting that out from the other issues at the time?
Agreed. I was under the impression (from a video I watch a long time ago and don't have a link to), that Google was going to increase the ranking signal of https more over time. Besides the http/2 benefits, the fact that Google likes https is reason enough for me to stick with it. Never know what the future will hold. Google is my master.There is definitely an initiative to move forward with "https everywhere" - although that doesn't mean it's as urgent as many other items on your list. It appears they are moving forward slowly and carefully because major changes can impact many things, people, variables, etc. Still something to certainly keep an eye upon.