Digital Masters Magazine

Home of Digital Masters

  • Design
  • Photo
  • Video
  • Web
  • Code
  • UX
  • Mobile
Home Code Alert: Browser Makers Are Beginning to Enforce HTTPS
Alert: Browser Makers Are Beginning to Enforce HTTPS

February 11, 2016 By Digital Masters Leave a Comment

Alert: Browser Makers Are Beginning to Enforce HTTPS

Are you concerned about the security and authenticity of the websites you are visiting? Probably yes, though it may not be your top priority: getting the job done is.  What if we told you that browser makers are doubling their efforts to convince web professionals to rethink their priorities: browsers like Chrome are flat-out refusing to serve websites unless they are delivered via HTTPS (an encrypted, more secure version of HTTP, the Hypertext Transfer Protocol).

Google Chrome and Firefox, for example, will bluntly deny you access to Google’s  In-Page Analytics data and visualization for a website if they deem it not “private’ enough for lack of HTTPS, not to mention that Google and Bing may be penalizing sites that don’t use encryption in search engine ranking. Web creatives can no longer afford to ignore the security aspect of web publishing.

Problem Loading In-Page Analytics dialog 2016-02
Ever seen one of these before? Installing the official browser plug-in for Google Analytics may or may not fix this particular problem; either way you won’t get around switching your site to HTTPS, if the browser makers can help it

The Google Analytics plug-in for your browser may or may not resolve the In-Page Analytics error. Rest assured, the plug-in will not make up for the loss of SEO karma points due to lack of HTTPS.

So how exactly would you go about fixing your site?

Google Analytics refuses to serve a website due to a HTTPS error
Ever seen one of these? Google Analytics refuses to serve a website due to a HTTPS error

You need an SSL certificate

First and foremost, you need an SSL certificate for each and every one of your domains (that includes subdomains; some certificates support more than one domain, which can greatly simplify their management). Costs run from about $10 for the simplest of certificates to hundreds of dollars per year for an extended validation (EV) certificate, the Ferrari of SSL certificates that looks flashy but may not be any safer if it’s used irresponsibly, which gets us to the next point: you need a solid SSL configuration.

You need a solid grip on your SSL configuration (free diagnostics tools can help)

The setup is full of pitfalls. For starters: in the SSL configuration of your web server, you should never use SSL. What?! Yes, you read that right, the SSL protocol is a legacy that would expose your site to its vulnerabilities. Use TLS 1.1/1.2 instead.

When using an external service provider or even the control panel of your web host, you aren’t at the mercy of luck. Using free online services you can verify the security aspects of your server’s SSL configuration as described in this post.

HTTP/2 can nullify the performance penalty of HTTPS

And while you are at it: if optimizing your sites’ performance is something close to your heart, why don’t you treat your web visitors to the best implementation of HTTPS around: HTTP/2. Web admins have been shunning HTTPS for a reason: it will slow your site down, considerably. An upgrade from the decades-old HTTP/1.1 protocol to HTTP/2 will take care of that for visitors with web browsers that are fully supported (this covers almost everyone these days).

As for the technical implementation and what to look for in a web hoster, our sister publication Cloud Insider has a series of articles on this very topic:

  • Letsencrypt, the SSL-Certificate Engine for the Cloud Era of Hyperscale, on AWS EC2 (this one explains the use of free SSL certificates by an open certificate authority named Letsencrypt)
  • How to Activate HTTP/2 with TLS Encryption in NGINX for Secure Connections without a Performance Penalty

Please feel free to post your questions in the comments section below.

Filed Under: Code, E-Commerce, Web, Webmasters' Insights, WordPress Tagged With: browsers, HTTP/2, HTTPS, SSL

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Treat yourself to the best of our content

Sharing is caring

Tweets by 4digitalmasters
Manhattan beauty

Is this your cup of AI?

Speed is everything: shiny car engine rendering

How to force an older PC to upgrade Windows 10 to Windows 11 when it refuses to go along for the ride

Photo by Warren Wong on Unsplash

The tech revolt. Say goodbye to your favorite search engine that’s been wasting your precious clicks on silly captchas

Change language settings in Adobe Photoshop 2020

How to change the language of Adobe Photoshop

Apple MacBook Pro (16-Inch, 16GB RAM, 1TB Storage) - Space Gray

The new 16-inch MacBook Pro: Faster, slightly heavier but still ultra-light and #WorthTheWait

Change language settings in Adobe Photoshop 2020

If you want to run any of your apps of the Adobe Creative Cloud in another language, you have come to the right place. (There is no need to purchase another license; this is just a setting of your current install.)

Apple MacBook Pro (16-Inch, 16GB RAM, 1TB Storage) - Space Gray

Apple’s new 16-inch MacBook Pro sports even cooler looks than its predecessor. It is also truly different.

What’s up

ActionScript Adobe Adobe CC All-in-One WP Migration Angular 2 Apache Apple assistive technology Belarc Advisor bootable Windows 10 Upgrade DVD crawl disabilities DNG Download tool now Dreamweaver Event Viewer Google GPU HTML iOS iPhone JavaScript Microsoft Windows 10 OpenSSH OS X PayPal performance photos Photoshop PHP product key RAW RSS SEO speed SSD Tim Cook TypeScript upgrade deadline Wall Street Windows Windows 10 Windows 10 Fall Creator's Update Windows 10 free upgrade WordPress

Categories

  • Home
  • Subscribe
  • Advertise
  • Privacy Policy
  • Legal
  • Contact Us

Copyright © 2023 ·Streamline Pro Theme · Genesis Framework by StudioPress · WordPress · Log in