Reasons to implement Always-On SSL

8 great reasons to adopt Always-On SSL - paraphrased from this PDF that could well have been an online article
  • Google will enhance a HTTPS based website's SEO ranking as it now uses that as a ranking signal
  • Google is recommending that browsers warn when the connection is insecure..and you can't be on the wrong side of Google if you want a website to be popular
  • Users are more at risk than ever as they become more mobile
  • SSL is now fast
  • It stops an invoked web page from leaking information via referrer headers
  • You can now enforce it by baking HTTPS into the browser -  HTTP strict transport security (HSTS)  preload list is a list of sites that are hardcoded into Chrome as being HTTPS only
  • Ad networks now comprehensively support SSL
  • SSL certificates are easier than ever to obtain
Also, ISPs may not be able to inject ads or tracking code into a secure web page (although a Chrome extension can still can)

Guy Podjarny's article 10 Reasons To Use HTTPS offers some other reasons -
  • Browsers could only support HTTP/1.1's successor HTTP/2 over HTTPS
  • If you produce content that other sites may embed, not using HTTPS, can cause a HTTPS page making using of it to fail with a Mixed Content Warning

Comments