<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d8211560\x26blogName\x3dTech+Tips,+Tricks+%26+Trivia\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://mvark.blogspot.com/search\x26blogLocale\x3den\x26v\x3d2\x26homepageUrl\x3dhttp://mvark.blogspot.com/\x26vt\x3d-5147029996388199615', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Tech Tips, Tricks & Trivia

by 'Anil' Radhakrishna
An architect's notes, experiments, discoveries and annotated bookmarks.

Search from over a hundred HOW TO articles, Tips and Tricks

Reasons to implement Always-On SSL

8 great reasons to adopt Always-On SSL - paraphrased from this PDF that could well have been an online article
  • Google will enhance a HTTPS based website's SEO ranking as it now uses that as a ranking signal
  • Google is recommending that browsers warn when the connection is insecure..and you can't be on the wrong side of Google if you want a website to be popular
  • Users are more at risk than ever as they become more mobile
  • SSL is now fast
  • It stops an invoked web page from leaking information via referrer headers
  • You can now enforce it by baking HTTPS into the browser -  HTTP strict transport security (HSTS)  preload list is a list of sites that are hardcoded into Chrome as being HTTPS only
  • Ad networks now comprehensively support SSL
  • SSL certificates are easier than ever to obtain
Also, ISPs may not be able to inject ads or tracking code into a secure web page (although a Chrome extension can still can)

Guy Podjarny's article 10 Reasons To Use HTTPS offers some other reasons -
  • Browsers could only support HTTP/1.1's successor HTTP/2 over HTTPS
  • If you produce content that other sites may embed, not using HTTPS, can cause a HTTPS page making using of it to fail with a Mixed Content Warning


Tweet this | Google+ it | Share on FB

« Home | Next »
| Next »
| Next »
| Next »
| Next »
| Next »
| Next »
| Next »
| Next »
| Next »


Post a Comment