Skip to main content

Don't Force Your Readers To Use SSL

Some blog owners are very anxious to have their blogs accessible, using SSL protocol.

We see the occasional impassioned query, in Blogger Help Forum: Learn More About Blogger.
I added JavaScript code in my blog, to redirect from HTTP to HTTPS, since I want my users to view the blog in HTTPS.

I am concerned about indexing and Webmaster Tools. How do I move from HTTP to HTTPS? I would like my posts to be indexed, using HTTPS.

To make HTTPS / SSL work in Blogger blogs, Blogger Engineering changed all of the internal BlogSpot links from "http://" to "//".

Blogger links are now protocol relative.

The protocol relative URL ("//") lets Blogger code work for either "HTTP" or "HTTPS", depending upon how the reader is viewing each blog (such as yours). The canonical URL, for a blog offering SSL connectivity, will still use "HTTP" protocol - which gives each reader the choice - to use HTTP or HTTPS.

Many blogs published to "blogspot.com" will have content and links which reference other blogs, Internet services, and web sites that do not use SSL. When your readers surf your blog using SSL, links in your blog to "HTTP" content will subject them to "Mixed Content" alerts.

Your readers will be happier, given the choice to use HTTP or HTTPS.

With your blog offering SSL connectivity, your readers will have the choice to use "HTTPS" access (and ignore the "Mixed Content" alerts), or to use normal "HTTP" access. If you force everybody to use "HTTPS" - using unsupported custom code - you will be giving your readers only two choices.
  1. Avoid your blog, and surf as they need.
  2. View your blog, be forced into "HTTPS" mode, and be subject to "Mixed Content" alerts.
Many readers will choose Door #1.

Your readers may see "Mixed Content" alerts, after surfing to your blog.

Your readers deserve the choice whether to surf in SSL Mode or not. Depending upon where they surf, after leaving your blog, they could be faced with a lot of "Mixed Content" alerts. If your blog forces them into SSL mode, and they have to deal with "Mixed Content" alerts after leaving your blog, they will learn to avoid your blog.

Some readers may not be able to use HTTPS, period.

All networks do not support SSL. SSL uses more resources - and must be configured, on some servers. My favourite diagnostic proxy, Rex Swain's HTTP Viewer, only supports HTTP connectivity.


Rex Swain HTTP Viewer - and some other proxy servers - do not support HTTPS.



Keep the advantages of SSL in perspective. SSL does not substitute for a properly designed layered security strategy - on your readers computers, or yours.

Give your readers the choice. Leave the Blogger code as protocol relative - instead of forcing SSL.

If you want the blog indexed using "HTTPS", setup an entry in Search Console, for the "HTTPS" alias.

Comments

Popular posts from this blog

Custom Domain Migration - Managing The Traffic

Your blog depends upon traffic for its success.

Anything that affects the traffic to your blog, such as any change in the URL, affects the success of your blog. Publishing the blog to a custom domain, like renaming the blog, will affect traffic to your blog. The effects of the change will vary from blog to blog, because of the different traffic to every different blog.Followers. People who find your blog because of recommendations by other people.Search engines. Robotic processes which methodically surf your blog, and provide dynamic indexing to people who search for information.Subscribers. People who read your content from their newsfeed reader, such as the dashboard Reading List.Viewers. People who read your content from their browser.No two blogs are the same - and no two blogs will have the same combinations of traffic sources.

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.