miniBB ® 

miniBB

®
Support Forums
  
 | Start | Register | Search | Statistics | File Bank | Manual |
The Other miniBB Support Forums / The Other /  
 

TLS + Google Rankings: a New Signal to Get Ripped

 
Author Paul
Lead Developer 
#1 | Posted: 9 Aug 2014 02:58 
As you may possibly know already (or obviously, may not know), Google now tries to make the web even more secured and have plans to add HTTPS as a ranking signal, meaning websites enabled TLS/SSL should be considered more "valuable" comparing to regular domains.

Bill Davis:
Is this just another ploy by Google to get people to spend more money and make things more complex? Is this a part of their new domain offerings??
Brian Jensen:
you're not the only one asking that question. :)
Google's popularity obviously have an impact on all webmasters, but regarding this case, I may have some extra of my own thoughts gained from experience.

First of all, I'd like to mention you could run the current version miniBB on a regular domain or https-based domain with no problems. If you switch from http to https, it could be just about changing one option in the settings file, and running a single SQL to fix inner URLs in posts.

Despite of it, you may run into difficulties while combining https-based pages with a content from another websites, for example, built-in images from another recources. In this case, as I suppose, all absolute URLs should be rewritten to relatives, i.e. not having https or http in front (like it now happens with YouTube or Vimeo embedding codes).

This is now what this post is about however.
Before you introduce SSL to your website, you must precisely know, what it's about. This is what Google have plans to introduce this or that, doesn't really mean you need to have it.


* "Secured Sockets Layer" is actually only for websites keeping the private information or related, like credit cards, real names, passport IDs, addresses and so on. Running a little forum, or even a large forum filled in with aliases actually doesn't keep anything important. If you have a recipes-based content or love cats in your blog, I doubt someone from "Intelligence Agencies" even will find it worth cracking. And despite it would have https enabled, I doubt it could become strictly popular just because of it.


* On another hand, TLS/SSL provide a way of encoding and decoding information, that means, you will see a notable loss in speed. Actually, you will never your website as quick as it was. They try to claim it is OK, but trust me - I've seen a lot and I know how protocols work to conclude that even in theory, a decoding process COULD NOT be quicker than a regular process. You will be forced to switch to more powerful server and/or hosting plan to allow this (tip! start to count more coins from that point).


* TLS needs an official certification from the authorized company. Of course, there is a way to issue a self-signed certificate build with OpenSSL. But for websites, in most cases, it won't work, because it's mostly for user-to-user connection and not for user-to-website. Most often, if you owe an unauthorized certificate, website newcomers will see this at first:

Untrusted Connection

Not good enough? Of course, not. At this point you will start to lose your traffic and users heavily. But, of course, there is a way of


* BUYING an official certificate. They claim there are companies issuing "free" certificates, but as I've seen some of them, I could say it's almost the same kind of junk as the self-signed certificate. Thus, someone else except you will have an access to your secrets, and that's a little untrusted company; and those certs will expire, sooner or later, with an option to buy them, for sure.

As about "solid" companies, like DigiCert or Symantec's Verisign, their prices for a regular SSL certificate, start from $175 and $ 1,699 respectively. (tip! tip! tip!)

Sure to pay such amounts? I'm not sure someone even earns so much on Google Adsense. Private or small-to-medium businesses just could not allow this. So why then they should care?..

However, this is a must-have option for big daddies, which earn thousands or even millions per month... they become "solid" that way. And ranked high in Google.

Good news for SSL sellers, yay!.. Now they will gain even more money, pay even more taxes and US Army will become even more trained for bombing the Iraq.
Not sure if with the new step, Google just tries to switch off the "amateur" websites and concentrate on giants? That would mean, 80% of the web is under impact of this... and sooner or later, WWW will become a garbage can providing only information from the "major" sources, and with no alternatives.

Good way on controlling the elephants, though...


* All in All, TLS protection just doesn't protect you from something serious. It's a common fact that "Intelligence Agencies", specially those coming from US, have all the tools to decode any SSL connection. Specially if it's just about a website.

After reading this from Google, I was having an impression like this step is done to gain even more websites to control. Specifically, to control from US and exclude these sources from national agencies control.

I suppose, you all heard already that Google KNOWS everything about you, as soon as you have signed up with it, and/or use Google Chrome, and/or signed up with any with Google's "partnership" programs.

Inviting all users to be TLS-protected is just another delicious program to gain even more control.


* I suppose, in no way the type of the data protocol could even have some higher ranks. Any website's rank should still built by it's related quotations amount on the other websites. It's not important if your website runs http or https; if it's a popular source, you shall give no shit to Google's invitations. Just continue what you have started and don't be drilled too much with the IT Planet Surgeons.

There are lots of the other Search Engines on the market. Secure protocols are constantly updated. New devices and programs are coming out each day, and they may not deal with the newest encoding algorithms, because it's all about money, in result. With that all, I just wanted to say that switching to something "more secure" could have a PR meaning and obviously affect your business from the negative end, actually.

So I'd say, I'm not ready to switch to SSL for my projects at this stage. And I'm still for the free and speedy web, which couldn't be in all ways secured, anyway.


P.S. Webmaster Central Blog on Google, which I've given the initial link to in this post, by the way, just advertises TLS and doesn't have SSL certificate on its own.

Author Marcus
Partaker
#2 | Posted: 9 Aug 2014 04:38 
It's from the 'secure email' category: news.yahoo,com/yahoo-join-google-create-spy-free-email-systems-012458302--finance.html. Corporations that gave master access to governments now try to pretend nothing has happened and they are now working on a 'secure email.'

Author Marcus
Partaker
#3 | Posted: 9 Aug 2014 04:57 
Paul:
After reading this from Google, I was having an impression like this step is done to gain even more websites to control. Specifically, to control from US and exclude these sources from national agencies control.
That makes sense. 80-90(?)% of all companies issuing SSL certificates are controlled by US corporations. Knowing they have a way to decode all SSLs gives them a huge advantage over spy agencies from other countries. By forcing websites to use SSL is a way to protect interests of US agencies so that they are the first to collect all sensitive data they want.

Author Guest
~
#4 | Posted: 22 Sep 2014 14:24 
Secured layer adds more protection on the connection itself. For example, if you use wi fi, data is being transferred encoded and it's more difficult to decipher, if there appears an intermediate intrusion between client and website. That would be all about it. 

In no way TLS could help to protect user accounts or even make them safe, it is still up to the software and most likely even users themselves. There could be many ways of stealing users information bypassing all the secure layers. Such majors as Ebay, Skype, Facebook use https - but did it help from stealing users data? Not at all, few times a year we read this or that was hacked *again*. 

Additionally, https makes websites extremely hard in development, they are slow in appearance, because when on https, pages are not cached and all elements reload as soon as the page reloads; if there are lots of icons or images, that's waste of time. I don't know why Google propagates it like it would be a cure of all illnesses, fake approach.

Author nyasin585
Partaker
#5 | Posted: 9 Aug 2015 16:28 
The best way to know the rank is linkcollider. It is helpful in boosting your PageRank, Alexa Ranking, Backlinks, and SEO Keyword Rankings. check it out on linkcollider

Author Batu
Partaker
#6 | Posted: 19 Dec 2015 23:33 
Bookmarked!

The Other miniBB Support Forums / The Other /
 TLS + Google Rankings: a New Signal to Get Ripped
 Share Topic's Link

Your Reply Click this icon to move up to the quoted message


  ?
Post as a Guest, leaving the Password field blank. You could also enter a Guest name, if it's not taken by a member yet. Sign-in and post at once, or just sign-in, bypassing the message's text.


Before posting, make sure your message is compliant with forum rules; otherwise it could be locked or removed with no explanation.

 

 
miniBB Support Forums Powered by Forum Software miniBB ® Home  Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contact Us
Install the Captcha add-on: protect your miniBB-forums from the automated spam and flood.


  ⇑