Google to Condemn insecure websites

Saw this post http://techguylabs.com/episodes/1465/google-condemn-insecure-websites

does anyone have experience to share on what it would take to transition to https:

I’m using a Saratoga Template and WD…

Thanks

Steve

Basically:

#1 - Find out what https facility your host offers. Most good hosts will include it for free these days, if they want a lot of $$ find another host.

#2 - Do whatever setup your host requires to activate https

#3 - Change the url of all links included in your pages to https

I’ve done it and it was no big deal aside from finding all the links that needed to be edited :lol:

Also, for Saratoga templates, make sure your scripts are up-to-date with check-fetch-times.php?show=versions

Or change them to “//” then they will work on both http and https. Good for transitioning, or if you want to use both for some reason.

Same experience as niko, it wasn’t a big deal to change over, but as I’m self hosting I used LetsEncrypt

ive used doteasy for years but they want big $ for HTTPS support which seems silly. Thinking of using godaddy. Or is there other hosting places that are decent?

https://www.mddhosting.com/ - best support ever when I was using them.

I’ve been using 1and1 since 2006 but there pricing is higher than godaddy so likewise considering a switch…
my other problem with 1and1 is support

as suggested be anxious to hear others success stories with host companies…

will take a look at mddhosting

When Virgin Media removed their webspace entitlement for customers, I had to find a new hosting company in a hurry. After doing price-checks etc, I opted for WHUK whose adverts suggested they gave everything I needed at an affordable price. I have had no problems with them at all over the last two years, and support (where needed) has been excellent.

They recently informed me that they had added https to my domains (without me asking) for free. I took the plunge and have converted the non-weather parts of my site to https with relative ease, the weather side is being a little more problematic with 3rd-party suppliers of embedded data (forecasts, rain radar etc) not feeding as https (therefore unacceptable mixed-content pages). More work needed in alternative suppliers.

To sum up,

  1. I am happy with WHUK as a domain host
  2. Conversion to https is relatively easy, the main problem is embedded content

Hope this helps.

Hi, asked my host today about “https” service & they sent me this
"Hi Paul,

Thank you for contacting HostPresto support.

We believe that you are referring to free SSL service, if so at the moment we do not support LetsEncrypt or other SSL providers on the server itself. However, we have no problem if you want to issue your own LetsEncrypt certificates manually and install them. I believe https://zerossl.com/free-ssl/ makes this very easy. I’d advise generating the key and CSR in the accounts cPanel, then using this to issue the certificate on that app. After that, you can install the certificate in your cPanel.

If the support of LetsEncrypt changes we will, of course, email users notifying you of this.

Please do let us know if you require further assistance.

Regards,
Andy"
not really sure what they are on about, if someone out there could help me there that would be good, I’m with “HostPresto”. My weather site is with MDD hosting & that changed last year to “https” free of charge & I didn’t have to do anything apart from changing links etc.

many thanks.

teal.

I would say HostPresto is behind the curve on the SSL (https) issue if they want you to do it all by yourself :roll:

I have the feeling I will be screwed when this happens. The school does not seem interested in helping.
http://weather.rms.rdale.org

Put in the S and it will not work. They host my site but do not host their own.

Well I will just wait & see what happens.

teal.

I think MDD has changed the account structure now but when I was there I had three sites/domains running on the same account so maybe moving everything there could be an option?

Just talked to my hosting company 1and1.com I have their 1+1 Unlimited Pro hosting package.

they tell me they will give me (1) free ssl certificate…implementation would be 5 to 120 minutes, my website would not work until
after this is done and I hv changed all the url’s to https:

no discussion of encryption levels, redirects or anything else…this 2 step process they claim will work…

what do u guys think…does it sound reasonable? My concern is I don’t land up with a big mess…I have no experience with this at all!

Thanks

I just got billed from GoDaddy - my provider - for $79 for a certificate renewal. Too much for me. In any case, with the certificate inplace now, my sites are still not secure. I’m not sure what’s up with that. Any analyzing tools out there?

Why do you say it’s not secure?

Checker https://www.sslshopper.com/ssl-checker.html#hostname=https://www.m82a1.us/index.php

these hosting companies I think need to be watched…my experience is give them a call, tell them they are not
competitive and like magic u can get a lower price…it’s worth a try!

It’s probably a misunderstanding on my part. When I click on the info symbol in the browser I get this:


Site Security.JPG

I think that warning is because you have linked images using “http”, for example the radar and sat from WU.

That explains that. It’s going to be a daunting task to find all the http:// in the many php files then see if https:// will work. I did a Google search trying to find a tool that would look in a remote site’s files to search for text with no luck.