News

combo lockThis week we implemented a feature that gives all of our shared hosting accounts a free SSL certificate from Let's Encrypt (https://letsencrypt.org/). As long as the DNS for your domain references the IP address of our server, existing customers should have a valid certificate not only for their main domain, but for any subdomains.

This means that https://your-website should already be working. The HTTPS in that URL tells your browser to request a secure page, where the usual HTTP protocol is not encrypted. However in order to take full advantage of HTTPS you may need to make some changes to your site's configuration. More on this below.

The Benefits of Using HTTPS/SSL

SSL has always been a good idea for sites that have controlled access. If users can log in to your site with a password, then they should be doing that over the secure HTTPS protocol. Regular HTTP connections send the password in plain text, so anyone who intercepts the communication has the user's login data. That's obviously not a good thing.

The same is true for sites that collect financial information. If you have a form that collects credit card information, your cardholder agreement probably requires that the data is sent over SSL.

HTTPS and Search Rank

About two years ago, Google announced that they were using HTTPS as a "lightweight" ranking signal.[link] If your search rank is really important to the success of your business, switching to HTTPS should help.

HTTPS and Browsers

Web browsers have long had an inidcation of whether or not a site was using a HTTPS connection, and whether or not the underlying SSL certificate was current and valid. Over the years, these indicators have become more prominent so users can easily see whether or not their connection was encerypted. Last month, the Chromium project announced that starting January 2017, their browser (which is the base for Google's Chrome browser) will start labelling some HTTP connections as not secure[link], like this:

chrome-2017

They also mentioned that this is part of a long term plan to mark all HTTP pages as non-secure, like this:

chrome-eventual

It's not unreasonable to assume that other browsers will follow suit, so it's better to switch to HTTPS now.

Updating Your Site

In most cases, switching to HTTPS is straightforward. Joomla users can change the "Force HTTPS" setting to "Always". Wordpress users can change their site's URL options. These changes will get you the main part of your page over HTTPS, but you might see warnings that "parts of your page" are insecure. this might be links to your images that use HTTP (one issue with Wordpress) or other "assets" brought into the page over HTTP. You might need to work with your web developer to get a "pure HTTPS" page.

What About Certificate Renewals?

We have a process that runs every night to take care of this. It checks the validity of all Let's Encrypt certificates, renews expired certificates, and attempts to issue new certificates for new subdomains. The process should be fully transparent and automated. Our customers should have SSL for life, which makes us very happy!

 

 

altAbivia has released version 1.6.10 of it's popular Multi-Twitter module. This is a jump from 1.6.8 since we fixed a bug and had 1.6.9 ready for release when a change at Twitter broke search before we announced the update. Version 1.6.10 addresses the search poblem as well.

Details are available in the release notes on the product page.

altAbivia has released version 1.6.8 of it's popular Multi-Twitter module. This update accounts for changes in Twitter that were breaking page parsing.

Details are available in the release notes on the product page.

altAbivia has released version 1.6.6 of it's popular Multi-Twitter module. This update corrects several problems in the 1.6.5 release: search now works properly and includes all results; some experimental code that should never have made it to production has been removed; caching in Joomla 1.5 won't break the module, and the Joomla 3.x build now works.

Obviously, 1.6.5 was a little rushed.It's fitting that we had release issues on the same day that the Joomla project had release issues. We apologize for any inconvenience this may have caused. Version 1.6.6 incorporates additional tests to prevent a repeat of some of the issues; a revised build system should reduce the odds of getting code not ready for prime time, and this specific release has been hand tested in Joomla 1.5, 2.5, and 3.3. If you experience any problems with this release please contact us or post a message on our forums.

Details are available in the release notes on the product page.

altAbivia has released version 1.6.5 of it's popular Multi-Twitter module. This update handles a Twitter change that was causing errors. This release also incorporates a distinct Joomla 3.x version, and both the 2.5 and 3.x versions now use the updater.

Details are available in the release notes on the product page.

More Articles...

Page 1 of 14

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>