Welcome to WebmasterWorld Guest from 35.171.45.91

Forum Moderators: phranque

Message Too Old, No Replies

Going Secure? HTTPS

I will appreciate your comments on the jump

     
8:36 pm on Apr 2, 2018 (gmt 0)

Senior Member from GT 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Mar 30, 2006
posts:1615
votes: 163


Hi webmasters, been a webmaster for years but still on HTTP. I fear what might happen and go wrong here. On some topics I move fast, on others I'm slow at changing things. Secure (HTTPS) is not new, but the push for going https is, you know the hype "http is insecure" not to forget Chrome pushing using warnings "insecure site" etc.

I have a network of sites with decent traffic, all using Http, not Https. My concern is loosing traffic, getting hit, loosing ranking and performance overall. Do not take this for granted! many say https will boost your ranks or whatever, will increase performance, trust and even Adsense income, etc.

But let's be honest, there are cases where things went wrong with no clear explanation (Here [webmasterworld.com...] and also, this is one of the cases where you can find people sharing clear information versus the free and easy "I did it, works great", meaning? oneliners vs an actual explanation. There is a lot at risk in my case, I will really appreciate your comments on this. And sure is not just about "is how you do it", I mean... it's not the case.

I just don't want to risk the traffic and performance I have. So

- Did you make the jump?
- Is everything ok?
- Were any lows and then back to normal?
- Any drops in traffic?
- How long did this take?
- Any regrets?

Any comments will be welcome.
9:22 pm on Apr 2, 2018 (gmt 0)

Preferred Member

Top Contributors Of The Month

joined:Mar 25, 2018
posts:500
votes: 101


- Did you make the jump?

Yes

- Is everything ok?

Yes

- Were any lows and then back to normal?
- Any drops in traffic?
- How long did this take?

In my case, I observed some significant disturbance in the Force, for roughly one week. Until all went smooth as before.

- Any regrets?

No.

I did the switch 2 years ago, when Let's Encrypt appeared.
10:50 pm on Apr 2, 2018 (gmt 0)

Senior Member from GT 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Mar 30, 2006
posts:1615
votes: 163


Thanks for the info Travis, I'm actually considering Let's Encrypt.
10:33 am on Apr 3, 2018 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 14, 2008
posts:3286
votes: 19


My sites are roughly half/half; some customers just aren't interested in doing ANYTHING to their web sites.

I have had only a few problems in converting and all were to do with Content Security Policies (CSP). In general these problems were due to missing an enablement for scripts or external content.

I recommend changing to https. Check out the updates using the Mozilla Observatory, Qualys and High Tech Bridge (htbridge) sites. Prepare CSP and other headers using advice on Scott Helme's sites.

At the moment I'm using paid-for certs. My sites are on IIS are lets-encrypt is (was?) difficult to set up on that.
6:56 pm on Apr 3, 2018 (gmt 0)

Preferred Member

10+ Year Member

joined:Sept 24, 2002
posts: 512
votes: 5


I recently made the switch.

Regrets? None.

Difficulty? Much simpler than expected, even though it required updating 1000's of static web pages in some cases. The more "prep work" you do before you make the switch, the easier the switch is.

Certificate Used? I used AutoSSL in cPanel for all my HTTPS sites.

Problems? Some mixed content messages and such to deal with, but those were easily tracked down in the Chrome Console. A few completely broken pages happened in a few instances - on pages I had long forgotten about and wanted to abandon anyways.

Ranking changes? None that I could tell - certainly nothing major. Just be sure to update your site in Webmaster Tools. I found that as my "new" HTTPS site came into Google at about the same rate that the "old" HTTP site disappeared.
1:44 am on Apr 5, 2018 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:June 20, 2006
posts:2175
votes: 94


Google is sticking a fork in SSL Certs from Symantec!
[webmasters.googleblog.com...]
Symantec did a lousy job of making sure some partners were following the rules behind issuing certs. Now, there's a price to pay.
[en.wikipedia.org...]
Chrome is soon going to alarm on Symantec-owned brands like Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL.
1:50 am on Apr 5, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 893


Important info:

What Will Happen if I Don't Switch to HTTPS? [webmasterworld.com]

Why HTTPS Matters [developers.google.com]

HTTPS Security Headers [webmasterworld.com]