Get Paid to Participate - up to $1 per post!     Twitter     Facebook
Hosting Discussion
 

Hosting Discussion > Web Hosting Forums > Website Development & Design > Http to https effortless it appears
forgot password?



FORUM SUPPORTERS:

Reply


Old
  Post #1 (permalink)   05-02-2018, 10:12 AM
HD Amateur
 
Join Date: Aug 2017
Posts: 57

Status: PeterShene is offline
Hi Guys

I will shamefully admit that i was running on http fro a long while up until about a week ago i finally decided to make the change to https.

In ruth i was scared off by all the massive articles on how to move your site and retaining as much of your traffic and ranking as possible.

However for me if was a little more daunting as i have a mixed site of WordPress and static html so no dynamic url re writes.

It was effortless though i simply signed up and did a ht acess re route which it turns out wasn't necessary...

What really helped me was Firefox search console you can click on the insecure site tab and pull up exactly what is still being called on as http and find it on your website and fix it. Ideally try not to use absolute paths
__________________
Web design east london
 
 
 


Old
  Post #2 (permalink)   05-02-2018, 01:58 PM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,518
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Dont forget that now FF and Chrome will both flag any websites not using HTTPS as insecure
__________________
Terry Robertson - CEO The Easyhost Media Group
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #3 (permalink)   05-02-2018, 03:20 PM
HD Community Advisor
 
SenseiSteve's Avatar
 
Join Date: Mar 2009
Location: Saint Louis
Posts: 5,157

Status: SenseiSteve is offline
It has gotten much easier to provision HTTPS recently. If you haven't made the switch yet, do it now. It adds to the trust value of your site.
__________________
Hostirian - Saint Louis Data Center and Dedicated Servers Provider - (800) 615-9349
Colocation, Cloud Servers & Managed WordPress Solutions
Nearly 20 years of IT experience | SSAE-18 Certified, HIPAA Compliant
Insanely Fast PCIe NVMe Servers
 
 
 
The Following User Says Thank You to SenseiSteve For This Useful Post:
easyhostmedia (05-03-2018)


Old
  Post #4 (permalink)   05-07-2018, 11:57 PM
HD Master
 
Join Date: Sep 2014
Location: India
Posts: 372
Send a message via Skype™ to 24x7server

Status: 24x7server is offline
That's a good decision. Even Google will force the transition to HTTPS for July 2018. More details are here:- https://security.googleblog.com/2018...e-to-stay.html
__________________
www.24x7servermanagement.com
Server Management, Server Security, Server Monitoring.
Network Monitoring Team !! Skype: techs24x7
 
 
 
The Following User Says Thank You to 24x7server For This Useful Post:
PeterShene (05-14-2018)


Old
  Post #5 (permalink)   05-08-2018, 01:50 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,518
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Quote:
Originally Posted by 24x7server View Post
That's a good decision. Even Google will force the transition to HTTPS for July 2018. More details are here:- https://security.googleblog.com/2018...e-to-stay.html
Yup and soon all browser vendors that are members of the CA/Browser Forum will follow suit.

The say 'It is to make the internet more secure for users' but personally i dont think it is as since CA/Browser Forum was started in 2005 all changes they have made have all lead to 1 thing US USERS HAVING TO SPEND MORE MONEY with CAs and guess who set up and run the CA/Browser Forum
__________________
Terry Robertson - CEO The Easyhost Media Group
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 
The Following User Says Thank You to easyhostmedia For This Useful Post:
PeterShene (05-14-2018)


Old
  Post #6 (permalink)   05-08-2018, 06:17 AM
HD Newbie
 
Join Date: Aug 2017
Location: Nottingham
Posts: 24

Status: 20i Richard is offline
Quote:
Originally Posted by easyhostmedia View Post
US USERS HAVING TO SPEND MORE MONEY with CAs and guess who set up and run the CA/Browser Forum
There are plenty of free certificates available, from the likes of Let's Encrypt and Cloudflare.
__________________
20i web hosting

Last edited by Artashes : 05-08-2018 at 07:30 AM. Reason: Edited for URL
 
 
 


Old
  Post #7 (permalink)   05-08-2018, 09:26 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,518
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Quote:
Originally Posted by 20i Richard View Post
There are plenty of free certificates available, from the likes of Let's Encrypt and Cloudflare.
which are fine for personal sites and blogs, but for commercial sites that require CA badges then you need a paid SSL.

but yes no excuse for any website to not run under HTTPS with the use of free SSL.

But free SSL are aid scammers as it used to be 'look for the padlock to make sure the website is safe and secure' but this means nothing now
__________________
Terry Robertson - CEO The Easyhost Media Group
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 
The Following User Says Thank You to easyhostmedia For This Useful Post:
PeterShene (05-14-2018)


Old
  Post #8 (permalink)   05-14-2018, 10:19 AM
HD Amateur
 
Join Date: Aug 2017
Posts: 57

Status: PeterShene is offline
Quote:
Originally Posted by easyhostmedia View Post
Dont forget that now FF and Chrome will both flag any websites not using HTTPS as insecure
Yea well apparently this is going to get worse as in the red bar in the browser, so this is why i switched, because i could only imagine all the website visitors i would lose with that red bar.

I see now however many hosting companies are offering standard https and some are dropping http. Not comodo certificates though i think its through lets encrypt.
__________________
Web design east london
 
 
 


Old
  Post #9 (permalink)   05-14-2018, 10:21 AM
HD Amateur
 
Join Date: Aug 2017
Posts: 57

Status: PeterShene is offline
Quote:
Originally Posted by easyhostmedia View Post
which are fine for personal sites and blogs, but for commercial sites that require CA badges then you need a paid SSL.

but yes no excuse for any website to not run under HTTPS with the use of free SSL.

But free SSL are aid scammers as it used to be 'look for the padlock to make sure the website is safe and secure' but this means nothing now
I kind of agree with this it seems to be more of a money making scheme than anything else. As i do web design i bought a comodo certificate, however many of my client websites use lets encrypt, granted not all ssl certificates are equal but in my case lets encrypt would have been good enough.
__________________
Web design east london
 
 
 


Old
  Post #10 (permalink)   05-14-2018, 10:31 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,518
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Quote:
Originally Posted by PeterShene View Post
Not comodo certificates though i think its through lets encrypt.
Some use let encrypt, but if your host have WHM 60 + then cPanel have autoSSL which a host can enable as standard, so all sites on the server will be given a free DV SSL cert unless they already have an active SSL cert.

When cPanel first did this i have a real bust up with them as in the WHM60 upgrade this was added enabled by default, so when i had a client try and install his own SSL cert it would not let him as it stated his domain already had an SSL.

To me this should not have been enabled by default as if a host sells a lot of SSL certs, because cpanel decided to give all the hosts clients a free SSL without the hosts permission then how many client will not renew SSL certs, so the host loses revenue.
cPanel could not see this point .
__________________
Terry Robertson - CEO The Easyhost Media Group
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 


Old
  Post #11 (permalink)   07-07-2018, 01:00 AM
HD Amateur
 
Join Date: Aug 2017
Posts: 57

Status: PeterShene is offline
yea ive actually also experienced now some of my clients websites going bad, because some of the java script and css files were absolute paths and the ht access redirect sometimes blocks the http request so ive had to do a run through , but i am grateful that it is being offered free.
__________________
Web design east london
 
 
 


Old
  Post #12 (permalink)   09-09-2018, 05:06 PM
HD Newbie
 
Join Date: Apr 2009
Posts: 21

Status: ronweeks is offline
It definitely has become easier now to get an ssl since they are now being offered for free and it does make it much easier to just switch your site to start using https instead. It also does look better when a customer goes to your site and looks around and sees that it is secure.
 
 
 


Old
  Post #13 (permalink)   09-24-2018, 12:08 AM
HD Amateur
 
Join Date: Aug 2017
Posts: 57

Status: PeterShene is offline
Im a little confused about something, i work with alot of different hosts, and for the most part if a client doesnt buy a certificate of the host doesn't offer lets encrypt , when i force it over to ssl ( its a sef signed certificate however, it becomes a auto ssl after a few days, some hosts however this does not happen and i end up with a self self signed certificate which is no good at all. It this at the hosts discretion ?
__________________
Web design east london
 
 
 


Old
  Post #14 (permalink)   09-24-2018, 01:41 AM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,518
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Quote:
Originally Posted by PeterShene View Post
Im a little confused about something, i work with alot of different hosts, and for the most part if a client doesnt buy a certificate of the host doesn't offer lets encrypt , when i force it over to ssl ( its a sef signed certificate however, it becomes a auto ssl after a few days, some hosts however this does not happen and i end up with a self self signed certificate which is no good at all. It this at the hosts discretion ?
Yes it is upto a host if they offer lets encrypt or even enable cpanels own AutoSSL.
But you as a client can get a lets encrypt SSL yourself.
__________________
Terry Robertson - CEO The Easyhost Media Group
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: