Webmasters Stack Exchange
Webmasters Stack Exchange

Questions tagged [https]

HTTPS is the secure version of the hypertext transfer protocol (HTTP). It usually uses port 443 and is powered by the TLS (formerly SSL) cryptographic protocol.

HTTPS is the secure version of the hypertext transfer protocol (). It usually uses port 443 and is powered by the TLS (formerly SSL) cryptographic protocol.

1008 questions
11
votes
3 answers

How to prevent access to website without SSL connection?

I have a website that has an SSL certificate installed, so that if I access the website using https instead of http I will be able to connect using a secure connection. However, I have noticed that I can still access the website non-securely, ie. by…
CJ7
  • 353
  • 2
  • 5
  • 10
11
votes
1 answer

Is it really a security problem to have non secure assets on an ssl page?

My understanding is that this is just an example of being overly cautious, but if my checkout form contains an unsecure asset on it, that doesn't endanger anybody's credit card numbers from being caught by a man-in-the-middle. I'm asking this…
blockhead
  • 287
  • 1
  • 2
  • 5
10
votes
6 answers

HTTPS for entire site

I'm working on a fairly standard web site with public content plus personal/customized content for registered users. I know I need to use HTTPS when users are logging in or sending credit card details. Is there a reason I shouldn't just use HTTPS…
BenV
  • 1,015
  • 1
  • 12
  • 21
8
votes
2 answers

Is it still recommended to inline above the fold CSS with the adoption of http/2?

For awhile now I've been following Google's recommendation here (https://developers.google.com/speed/docs/insights/OptimizeCSSDelivery) to inline critical above the fold CSS for faster load times. I was wondering, is this still going to be necessary…
jetyet47
  • 221
  • 1
  • 2
7
votes
2 answers

2 SSL certificates?

I just spend ages moving all static content to a cookiless domain to help performance, it seems to work great! It got me thinking though, when I install SSL on my main site, am I also going to have to buy SSL on my cookieless domain to stop warning…
Tom Gullen
  • 2,390
  • 2
  • 18
  • 26
4
votes
4 answers

SSL and green address bar

I am new to SSL so can someone explain why my address bar turns green when I'm on certain sites beginning with https:// and sometimes it doesn't even though I know the site has SSL? Maybe these two nuances are not even related, but if I go to…
tinab
4
votes
1 answer

2048 bit SSL overhead

Can you guys help me learn some ssl networking basics plz? What is a SSL transaction (a full handshake?) Why do people think 2k ssl will melt netscalers (ssl trans/sec exceed netscaler max ssl trans/sec?) Can't you install ssl on a cdn's edge…
alex
  • 41
  • 1
4
votes
3 answers

HTTPS page loading non-HTTPS images

I have an HTTPS website which links to images from a CDN, as well as user-generated image links that are not HTTPS. I get errors like this in console: The page at https://example.com displayed insecure content from …
Charuru
  • 161
  • 1
  • 1
  • 2
4
votes
2 answers

EV SSL with a static resource server

We have the domain: www.scirra.com Which we are going through the process of obtaining an EV SSL certificate for. The site makes use of our static domain to server CSS/images etc. It has 4…
Tom Gullen
  • 2,390
  • 2
  • 18
  • 26
4
votes
1 answer

Is it OK to have a website not listen at all on port 80?

I am running a small static website in a google storage bucket. I have http and https support. But I want http to redirect to https, so no visitor ends up with the "not secure" browser warning. There is no way to do that with a google storage bucket…
nicolasochem
  • 143
  • 2
3
votes
2 answers

SSL certificate - which one to buy?

Possible Duplicate: SSL certificate provider Hello, I'm trying to set up Https for my e-commerce site on webfaction hosting. Was trying to buy SSL certificate from godaddy.com which has my new domain, however, I see different plans and pricing…
user589876
3
votes
3 answers

One SSL on two sub domains

I have 2 sub-domains one for support and other for billing. I just wasnt https on these two not the main site. Can i use 1 SSL Certificate on two sub-domains, or i will need to buy two certificates ?
Prateek
  • 107
  • 6
3
votes
1 answer

Should every page on every site be behind SSL?

This question stemmed from a discussion here: Ad networks that will serve via HTTPS? My question to the OP was "is it necessary to have every page behind SSL?" Admittedly at the time of posting this question, the OP hadn't got back to me to let me…
Piers Karsenbarg
  • 1,422
  • 9
  • 18
3
votes
1 answer

HTTPS and China

I am currently moving a website to HTTPS. That website is used from all over the world, including China. Tools like observatory.mozilla.org only give a site a good rating, if it enforces HTTPS usage. Mainly I would like to know if this can be a…
Marcus
  • 165
  • 1
  • 8
2
votes
2 answers

business vetted SSL vs domain vetted SSL

Does Google Rank business vetted SSL higher than domain vetted SSL’s? I did a lot of searching but was not able to find a clear answer.
Jay
  • 121
  • 3
1
2 3 4