Does my site really need https

[rayray]

On my website I'm not collecting any personal information or credit cards through forms.

There's not contact-us form either.

The only form on my site is the search query form.

And I'm using a 3rd party plugin for comments. I guess the plugin provider is handling the https for posting comments.

Is it still recommended to make my site https?

 

[Graybeard]

Google says so ... Snowden says so ... go with the flow ...
In reality probably not if there are no logged in areas or financial transactions.
However, if you want SEO or general public acceptance -- YES.

 

[rayray]

Thanks Gray, I'll make it https once things settle down with me right now a lot is changing.

 

[Freddy63]

https is becoming the new http. It's not that hard to enable https. What's your CMS? or are you using html?

 

[rayray]

I'm using a web application server, the manual has instructions on how to configure https, but in order to use enable https one has to purchase an SSL certificate?

How much does it cost to enable https?

 

[no2pencil]

It doesn't "need" to, to function. But if your competition is rewarded for https, why wouldn't you?

If you don't value SEO, then don't bother. If your plan for attracting an audience requires they find you, then you probably should.

 

[rayray]

Thanks a lot, I'll implement it. Right now my pages are indexed but they're not showing up in the first page. They're not being discovered. I have a LOT of competition.

 

[Graybeard]

I'm using a web application server, the manual has instructions on how to configure https, but in order to use enable https one has to purchase an SSL certificate?

How much does it cost to enable https?

You can install certbot and get a free TLS cert (HTTPS)

Certbot

 

[no2pencil]

You can install certbot and get a free TLS cert (HTTPS)

Certbot

I hide behind CloudFlare's free SSL.

 

[vanthanh]

I hide behind CloudFlare's free SSL.Good

 

[rayray]

I finally enabled https, and happy that the sites are encrypted now. But, they are slower and with https they are disconnecting randomly. With just http they were never disconnecting randomly. I must be doing something wrong. I have to figure this out.

I'm hosting my sites from a standalone machine.

I would've used a fast hosting provider but, I have to use their directory structure. I wish they could give me my own virtual machine with full root access.

I looked at CloudFlare but couldn't tell from the surface what operating system they support.

 

[no2pencil]

CloudFlare is an external networking layer. The OS is irrelevant.

 

[rayray]

CloudFlare is an external networking layer. The OS is irrelevant.

I have been living in a cave, the Internet has changed a lot. A CDN is something that I could probably use to make my site load faster.

 

[rayray]

Thanks a lot Gray, we got https working consistently, it was a nat issue.

 

[Graybeard]

Sounds like a bandwidth throttling problem to me.
TLS require a "handshake" between the client and server to validate the *SSL* so the stalls could be for a lot of reasons really. Including your webserver's cache status of the requested page or your client browser's conditions too
on your machine?
Try
How to check OS and version using a Linux command

 

[phpsundar]

I have been living in a cave, the Internet has changed a lot. A CDN is something that I could probably use to make my site load faster.

@rayray I read all your posts above. From what I understand your site just uses single 3rd party plugin for comments , if thats the case is it being used in the Home page or inner pages ?
If in Home Page , move it over to other inner pages , so load time for first time visitor will be better.
Also make sure the Home Page has minimal scripts / light weight images / load contents in blocks , try to avoid any blocks that fetches data from external links / sites.
To check whether your site is performing well or not , check the performance analysis over here h t t p s : / / g t m e t r i x . c o m , this will give you an detailed insight on your site's performance based on which you can tweak it to perform better.
Coming back to your main question , HTTPS is made compulsory by google to make sure the visitors searching through google are redirected to secured sites. Because of which if you don't use HTTPS your site link will be warned in the results page which will turn down your prospective visitors / business.
SO make sure its configured probably.
I had to install SSL for 5 of my domains to adhere to Google standards.
Hope this helps.

 

[Graybeard]

I installed another certificate today using certbot on a ssh terminal. Be advised you don't want to support TLSv1.0 any longer it's not a secure encryption.

SSL is overkill maybe -- spammers are not intercepting individual email data posted from forms. No, the are breaking into unencrypted databases then reselling the data LOL So, that part of SSL/TLS is a joke to protect that type of data. Using SSL with financial transactions has been the norm for over 10 years.

Even if you are using a SSL URL the first handshake with the URL between you and the server is in plaintext now. Nothing gained there. Google and the ISP or other DNS server you use can see your surfing history AND your IP address. So if you are like most people -- your ISP can snoop on you and know who you are -- the goes toward offering relevant ads that match your surfing habits. SSL won't save you from this. DNS over HTTPS - Cloudflare Resolver <<<facts

There will be a major upgrade soon ESNI: A Privacy-Protecting Upgrade to HTTPS

Anyway, I got the command $certbot renew to work (petty well). Another task --I did a blog today (my only one) I have doubts of any SEO improvement.