Local Websites and SSL Certs


shanedrumm

Forum Member
Joined
Sep 21, 2016
Messages
16
Likes
1
None of the websites I'm getting as SEO clients have SSL certs.

Should I be recommending all clients to get SSLs even though they are local service websites?

Thanks for the help guys :)
 
Joined
Oct 3, 2012
Messages
959
Likes
260
Absolutely. Although the cert does provide a higher level of security, going HTTPS is also a prerequisite for the HTTP/2 protocol. As long as they're with a hosting provider with the hardware to support HTTP/2, I would definitely do it. If their hosting provide doesn't support it, then I would suggest finding a new host.

HTTP/2 helps with improving page speed by allowing more documents to be transferred from a server to the user's browser than the previous HTTP/1.x allowed. I think the max resources per domain was 6 at a time with HTTP/1.x, but that cap is removed with the new protocol. More explanation can be found here. HTTP/2 uses multiplexing, which wasn't available to transfer resources on HTTP/1.x

So without going into a crazy amount of technical detail what the benefits are (do the reading in the link above), it's very worthwhile to go https for all sites.

Many hosting providers have either free certificates or paid certs. The paid certs are usually wildcard certs, so the encryption can be used throughout all subdomains. The free certs are normally limited to one subdomain (www). Paid certs also can move you to a dedicated IP address (because they're wildcard maybe? Can't remember the reasoning).

Long answer, but to sum it up... going HTTPS will improve site security and site speed. More security = less chance of getting hacked and more trust with users (and Google). The faster you're able to transfer resources from the server to the user means the page will load quicker and users will get what they need sooner.

Hope that helps!
 

shanedrumm

Forum Member
Joined
Sep 21, 2016
Messages
16
Likes
1
Thanks very much Eric for the detailed response. I never knew that it was a prerequisite for HTTP/2 which will result in faster performance.

I now have more than enough information to explain to clients the reasoning for SSL cert. Speed and Security.

That solves that :)
 

JoshuaMackens

Local Search Expert
Joined
Sep 12, 2012
Messages
1,427
Likes
286
Absolutely. Although the cert does provide a higher level of security, going HTTPS is also a prerequisite for the HTTP/2 protocol. As long as they're with a hosting provider with the hardware to support HTTP/2, I would definitely do it. If their hosting provide doesn't support it, then I would suggest finding a new host.

HTTP/2 helps with improving page speed by allowing more documents to be transferred from a server to the user's browser than the previous HTTP/1.x allowed. I think the max resources per domain was 6 at a time with HTTP/1.x, but that cap is removed with the new protocol. More explanation can be found here. HTTP/2 uses multiplexing, which wasn't available to transfer resources on HTTP/1.x

So without going into a crazy amount of technical detail what the benefits are (do the reading in the link above), it's very worthwhile to go https for all sites.

Many hosting providers have either free certificates or paid certs. The paid certs are usually wildcard certs, so the encryption can be used throughout all subdomains. The free certs are normally limited to one subdomain (www). Paid certs also can move you to a dedicated IP address (because they're wildcard maybe? Can't remember the reasoning).

Long answer, but to sum it up... going HTTPS will improve site security and site speed. More security = less chance of getting hacked and more trust with users (and Google). The faster you're able to transfer resources from the server to the user means the page will load quicker and users will get what they need sooner.

Hope that helps!
Wow, nice reply.

Appreciate it man! Had no idea about the request limit and the advantages to HTTP/2. Thanks!
 
Joined
Oct 3, 2012
Messages
959
Likes
260
I did a good amount (but still not enough) research into this after testing speed limitations for a few enterprise eCommerce sites. I started testing with my personal site to case-study results at a smaller scale and saw some pretty awesome improvements.

In case you're wondering what I used to test... Chrome Dev Tools with browser caching disabled :) When using the Network section in Dev Tools, pay close attention to the resources which are stuck in queue prior to download. I'm willing to bet those are being served from the same domain as previous resources, so utilizing HTTP/2 will allow those resources to pass through all at once instead of being capped and queued.

To anyone who thinks technical SEO doesn't matter... good luck getting passed by the competition :p
 

shanedrumm

Forum Member
Joined
Sep 21, 2016
Messages
16
Likes
1
Thanks Eric about the speed testing insights :)

Going start putting all my websites ssl straight away. Got recommended to letsencrypt and this is what they say on their website.

"If your hosting provider offers Let’s Encrypt support, they can request a free certificate on your behalf, install it, and keep it up-to-date automatically. For some hosting providers, this is a configuration setting you need to turn on. Other providers automatically request and install certificates for all their customers."

Its actually a lot easier than I thought and huge bonus this is free I always though it was extra on top of the domain name for an SSL cert.
 
Joined
Oct 3, 2012
Messages
959
Likes
260
Most hosts make it very simple to install a SSL cert. I've been recommending people move over to SiteGround (I could put an affiliate link here... but I wont :p). They are the host I use for my personal site and any client work. I've been very impressed with their support team, the server reliability, and the overall ease of use. Their server security measures are also very impressive. Two thumbs up.

I've also heard WPengine is a great host for WordPress sites, so they're also in the mix of companies to check out. I didn't have a great experience with BlueHost, so I typically tell people to stay away from them (site was going down during afternoon every week. The up-time % was not favorable). I guess that's somewhat expected with a shared hosting environment like that. That's just my personal experience though; i'm sure others have experienced positive things from that company.

Do your due-diligence before picking a web host. Make sure they offer easy installation of SSL certificates (and free certificates), and make sure they have the hardware to support HTTP/2.
 

Tim Colling

Moderator
Local Search Expert
Joined
Sep 3, 2014
Messages
855
Likes
351
I have been using WPEngine for all of my sites for a long time and they provide a very easy path to adding SSL, including free LetsEncrypt SSL, to sites hosted there. Also, their support is excellent, including 2x7 phone support if you are on one of their plans with ten or more installs.

I notice that a few of the "cool kids" have been talking up Liquid Web lately, so it may be good to check on them as well.

Hosting providers that are on my "do not use" list include these:
  • GoDaddy
  • InMotionHosting
  • A2
  • HostGator*

* - however, if you want to one or more good old fashioned "listserve" instances, HostGator includes that for free in its cpanel accounts as one of the apps with automated installs. I don't think that many of the cpanel hosting companies include that product. I use one HostGator account for a couple of personal sites solely for that reason.
 

Similar threads


Local Search Forum


Weekly Digest
Subscribe/Unsubscribe


Google Product Exert

@LocalSearchLink

Join Our Facebook Group

Top