Hello There, Guest!  

Should I convert my sites to https (SSL)


Thread Rating:
  • 1 Vote(s) - 4 Average
  • 1
  • 2
  • 3
  • 4
  • 5
 

petit  

Junior Member


Posts: 6
Threads: 2
Joined: Jul 2017
Reputation: 0

#1
Exclamation 
I have seen a big change in the web hosting industry in the past year. cPanel starts automatically install free SSL to my sites. I know SSL is more secure than non-SSL, but should I convert all of my sites to https? Any pro and cons?

thomas  

Junior Member


Posts: 17
Threads: 0
Joined: Jul 2017
Reputation: 0

#2
It is up to you to decide. Converting http to https for existing sites will definitely lower the SEO ranking of you sites for at least a few months. But sooner or later you will have to convert them to https though. SSL is the future. That is why cPanel started to automatically install SSL.

robert  

Junior Member


Posts: 13
Threads: 0
Joined: Jul 2017
Reputation: 2

#3
I can only partially agree with thomas. SSL is to protect your site and your users. But if your sites contains only normal information, without any transaction related to credit card or Paypal, it should be fine to use non-SSL websites. Non-SSL has been used for decades. It doesn't encrypt the traffic, but it is reasonably secure for general-info websites.

In addition, a big reason why cPanel automatically install SSL, is because of the free SSL offered by Let's Encrypt. But noone know for sure that it is free forever. One day Let's Encrypt may just stops the free service, or they just get bankrupt. If you are using their SSL, you will be forced to buy commercial SSL so that your sites continues to work.

Remember: Converting from http to https can easily be done by a permanent redirect using htaccess. But converting from https to http is not so straight forward. You need an active SSL cert for your site to redirect to http. If you don't have an active SSL, your site will just be stuck at the browser warning.

petit  

Junior Member


Posts: 6
Threads: 2
Joined: Jul 2017
Reputation: 0

#4
(07-24-2017, 07:16 AM) robert Wrote: Remember: Converting from http to https can easily be done by a permanent redirect using htaccess. But converting from https to http is not so straight forward. You need an active SSL cert for your site to redirect to http. If you don't have an active SSL, your site will just be stuck at the browser warning.


I was wondering whether I should convert my sites to SSL, but after reading your comment here I decide not to convert them, since my sites are just general info sites, and I cannot afford to buy SSL for all of my sites if this situation happens. Commercial SSL price is more expensive than the price of a domain itself already ...

durand  

Junior Member


Posts: 14
Threads: 1
Joined: Jul 2017
Reputation: 0

#5
Indeed I also totally agree with robert. Just about 2 months ago, Let's Encrypt started limiting the failed requests based on IP of server. If you are hosting websites for your clients and if they point their site to another server, the auto renewal request for that site will fail. If there are more than 5 failed requests per hour, Let's Encrypt will temporarily block your server IP.

So be careful if you are a hosting provider. For webmaster, that is a sign of Let's Encrypt to restrict the usage. Who knows in the future they will have problems and no longer in the business ?

thomas  

Junior Member


Posts: 17
Threads: 0
Joined: Jul 2017
Reputation: 0

#6
If you decide not to use SSL, you should redirect all https to http, to prevent duplicate content in the eye of search engines

Code:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

 
 
Forum Jump:

Users browsing this thread: 1 Guest(s)