Local Websites and SSL Certs

More threads by shanedrumm

S

shanedrumm

0
Joined
Sep 21, 2016
Messages
16
Reaction score
1
None of the websites I'm getting as SEO clients have SSL certs.

Should I be recommending all clients to get SSLs even though they are local service websites?

Thanks for the help guys :)
 
Absolutely. Although the cert does provide a higher level of security, going HTTPS is also a prerequisite for the HTTP/2 protocol. As long as they're with a hosting provider with the hardware to support HTTP/2, I would definitely do it. If their hosting provide doesn't support it, then I would suggest finding a new host.

HTTP/2 helps with improving page speed by allowing more documents to be transferred from a server to the user's browser than the previous HTTP/1.x allowed. I think the max resources per domain was 6 at a time with HTTP/1.x, but that cap is removed with the new protocol. More explanation can be found here. HTTP/2 uses multiplexing, which wasn't available to transfer resources on HTTP/1.x

So without going into a crazy amount of technical detail what the benefits are (do the reading in the link above), it's very worthwhile to go https for all sites.

Many hosting providers have either free certificates or paid certs. The paid certs are usually wildcard certs, so the encryption can be used throughout all subdomains. The free certs are normally limited to one subdomain (www). Paid certs also can move you to a dedicated IP address (because they're wildcard maybe? Can't remember the reasoning).

Long answer, but to sum it up... going HTTPS will improve site security and site speed. More security = less chance of getting hacked and more trust with users (and Google). The faster you're able to transfer resources from the server to the user means the page will load quicker and users will get what they need sooner.

Hope that helps!
 
Thanks very much Eric for the detailed response. I never knew that it was a prerequisite for HTTP/2 which will result in faster performance.

I now have more than enough information to explain to clients the reasoning for SSL cert. Speed and Security.

That solves that :)
 
Eric Rohrback said:
Absolutely. Although the cert does provide a higher level of security, going HTTPS is also a prerequisite for the HTTP/2 protocol. As long as they're with a hosting provider with the hardware to support HTTP/2, I would definitely do it. If their hosting provide doesn't support it, then I would suggest finding a new host.

HTTP/2 helps with improving page speed by allowing more documents to be transferred from a server to the user's browser than the previous HTTP/1.x allowed. I think the max resources per domain was 6 at a time with HTTP/1.x, but that cap is removed with the new protocol. More explanation can be found here. HTTP/2 uses multiplexing, which wasn't available to transfer resources on HTTP/1.x

So without going into a crazy amount of technical detail what the benefits are (do the reading in the link above), it's very worthwhile to go https for all sites.

Many hosting providers have either free certificates or paid certs. The paid certs are usually wildcard certs, so the encryption can be used throughout all subdomains. The free certs are normally limited to one subdomain (www). Paid certs also can move you to a dedicated IP address (because they're wildcard maybe? Can't remember the reasoning).

Long answer, but to sum it up... going HTTPS will improve site security and site speed. More security = less chance of getting hacked and more trust with users (and Google). The faster you're able to transfer resources from the server to the user means the page will load quicker and users will get what they need sooner.

Hope that helps!
Click to expand...

Wow, nice reply.

Appreciate it man! Had no idea about the request limit and the advantages to HTTP/2. Thanks!
 
I did a good amount (but still not enough) research into this after testing speed limitations for a few enterprise eCommerce sites. I started testing with my personal site to case-study results at a smaller scale and saw some pretty awesome improvements.

In case you're wondering what I used to test... Chrome Dev Tools with browser caching disabled :) When using the Network section in Dev Tools, pay close attention to the resources which are stuck in queue prior to download. I'm willing to bet those are being served from the same domain as previous resources, so utilizing HTTP/2 will allow those resources to pass through all at once instead of being capped and queued.

To anyone who thinks technical SEO doesn't matter... good luck getting passed by the competition :p
 
Thanks Eric about the speed testing insights :)

Going start putting all my websites ssl straight away. Got recommended to letsencrypt and this is what they say on their website.

"If your hosting provider offers Let’s Encrypt support, they can request a free certificate on your behalf, install it, and keep it up-to-date automatically. For some hosting providers, this is a configuration setting you need to turn on. Other providers automatically request and install certificates for all their customers."

Its actually a lot easier than I thought and huge bonus this is free I always though it was extra on top of the domain name for an SSL cert.
 
Most hosts make it very simple to install a SSL cert. I've been recommending people move over to SiteGround (I could put an affiliate link here... but I wont :p). They are the host I use for my personal site and any client work. I've been very impressed with their support team, the server reliability, and the overall ease of use. Their server security measures are also very impressive. Two thumbs up.

I've also heard WPengine is a great host for WordPress sites, so they're also in the mix of companies to check out. I didn't have a great experience with BlueHost, so I typically tell people to stay away from them (site was going down during afternoon every week. The up-time % was not favorable). I guess that's somewhat expected with a shared hosting environment like that. That's just my personal experience though; i'm sure others have experienced positive things from that company.

Do your due-diligence before picking a web host. Make sure they offer easy installation of SSL certificates (and free certificates), and make sure they have the hardware to support HTTP/2.
 
I have been using WPEngine for all of my sites for a long time and they provide a very easy path to adding SSL, including free LetsEncrypt SSL, to sites hosted there. Also, their support is excellent, including 2x7 phone support if you are on one of their plans with ten or more installs.

I notice that a few of the "cool kids" have been talking up Liquid Web lately, so it may be good to check on them as well.

Hosting providers that are on my "do not use" list include these:
  • GoDaddy
  • InMotionHosting
  • A2
  • HostGator*

* - however, if you want to one or more good old fashioned "listserve" instances, HostGator includes that for free in its cpanel accounts as one of the apps with automated installs. I don't think that many of the cpanel hosting companies include that product. I use one HostGator account for a couple of personal sites solely for that reason.
 
You must log in or register to reply here.

Similar threads

R
  • Question Question
New websites with 0 impressions
Replies
1
Views
621
fisicx
fisicx
C
  • Question Question
What is the best way to optimize a website for a local business who also wants to get international clients?
Replies
6
Views
377
fisicx
fisicx
codyecp
  • Question Question
Indexing - Cannot get search console to index for months... (nor GBP verified)
Replies
4
Views
727
codyecp
codyecp
P
Changing to a specialty
Replies
2
Views
766
localruler
L
ElizabethRule
NEW Local SEO Tips for Dentists
Replies
1
Views
147
JS Girard
J

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

Events

Yext

Newest Posts

Trending content

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...

Share this page

Back
Top Bottom