HTTPS required . Now what?

[cantstop]

http://motherboard.vice.com/read/go...ll-websites-that-are-unencrypted-chrome-https

This is issue has made me pull back from any new investments or rehabs on sites
because if this becomes the new rules for all browsers SE's
[and when a company that controls almost all serps say so; its likely].
there really is no future unless you are willing to invest in certificates for every domain at a large cost relative to earnings in the world of parked domains.
at least under the current system'pricing of 20-100 $ per certificate
I have heard nothing from the big parking operators on their strategy to deal with this.
and I am seeing unusual traffic patterns already as are frequently seen near a update like with panda etc.
They have for years threatened to exclude parking from the serps and have certainly punished it through various "purges" every year or so but it still survived
now they have a very clever way to get there stated longtime wish of eliminating "junk' content like parking
by not actually targeting it ;
you see it is a "security issue"
if only they had a HTTPS we might index it ,
but since they don't....
Of course there will be 0 sympathy for the problems of parking industry
but what about small business websites- hobby blogs who will now be
"a tree that falls in the forest and no one hears".
unless they pay up for HTTPS

The Social media wins again ;
since they run interference in the SERPs for the little guy
by buying the tools needed to compete and allowing users to bypass the ever greater expense of being seen on the search engine

 

[enlytend]

You can get free ssl certificates (letsEncrypt...)

You can also get multi domain certificates, but if your sites aren't making enough to cover the cost in a year, are they even worth the effort?

The warning is only on pages that ask for a password or other confidential information (for now.) if you don't collect that info, you're ok as is.

 

[Kuffy]

Some years ago, I set up a site to create my own certificates. I suspect this may still be possible. I'll have a look into it. It may be a good use for one of my unused domains.

 

[mpls]

Now what?
Use cloudflare, they offer a free SSL.
And, of course, CDN service, minify JS/CSS and a lot of functions to increase your site speed (fast site + https protocol = high ranking).

 

[Kuffy]

OK - I looked up self-signed security certificates. It seems you get the encryption, but it canthrow up a warning about the aite having problems with the certificate. ie. it is not from atrusted source. I'll see if putting a certificate generator on an Apache server will get round this. I'll check to seeif my hosting allows this.

 

[dordomai]

http://motherboard.vice.com/read/go...ll-websites-that-are-unencrypted-chrome-https

This is issue has made me pull back from any new investments or rehabs on sites
because if this becomes the new rules for all browsers SE's
[and when a company that controls almost all serps say so; its likely].
there really is no future unless you are willing to invest in certificates for every domain at a large cost relative to earnings in the world of parked domains.
at least under the current system'pricing of 20-100 $ per certificate
I have heard nothing from the big parking operators on their strategy to deal with this.
and I am seeing unusual traffic patterns already as are frequently seen near a update like with panda etc.
They have for years threatened to exclude parking from the serps and have certainly punished it through various "purges" every year or so but it still survived
now they have a very clever way to get there stated longtime wish of eliminating "junk' content like parking
by not actually targeting it ;
you see it is a "security issue"
if only they had a HTTPS we might index it ,
but since they don't....
Of course there will be 0 sympathy for the problems of parking industry
but what about small business websites- hobby blogs who will now be
"a tree that falls in the forest and no one hears".
unless they pay up for HTTPS

The Social media wins again ;
since they run interference in the SERPs for the little guy
by buying the tools needed to compete and allowing users to bypass the ever greater expense of being seen on the search engine

maybe you don't need one certificate per domain?

 

[Kuffy]

I should have noticed this before. Cpanel includes and option to generate a SSL certificate for any domain that is listed in it's associated name servers. That looks like the simplest free option.

 

[Julio]

When I had my blog I was using a SSL certificate free from hostgator it came with my hosting service.

 

[mpls]

Guys, where is the problem? If you've a developed site you can use your hosting SSL or in addition an SSL from cloudflare.
If you have only parked domain..... They'll never indexed in G, so SSL is not required.
DO NOT PAY for SSL!!!

 

[carob]

I should have noticed this before. Cpanel includes and option to generate a SSL certificate for any domain that is listed in it's associated name servers. That looks like the simplest free option.

As long as the host has not disabled it, that is on by default. In which case you just need to redirect the http to https, and if it is WP change the site's url to https.
https://blog.cpanel.com/the-cpanel-market-provider-and-free-hostname-ssls/

Installation of a Free DV Hostname Certificate

• Summary: If the certificate for your server’s hostname does not validate, your server will automatically order, download, and install a FREE DV-signed SSL certificate from the cPanel Store.
• Release Notes: Free cPanel-signed Hostname Certificate
• Availability: 55.9999.114 and later
• This service is currently enabled by default.

Understandably a hosting company may not tell you this because then they can sell you a certificate.