Hi Chris,
> I concur with Jon and other people that the advantages of the use of
HTTPS far outweigh the disadvantages
Yes and if this was about having a HTTPS site you would have a point.
Let's review what everyone said.
Jon's email has 2 points,
> 1. Better SEO (not sure whether that's a thing that HPR will care
*that* much about?)
> 2. Reducing the risk of your ISP/Law Enforcement Community/Malicious
nare-do-well being able to man-in-the-middle a connection between you
(the browser/listener) and the web server, and inject content without
there being some sort of obvious injection.
Both are covered by the fact we have a HTTPS site in place. Just to make
clear what I said before, if there are any cases when you are browsing
the HTTPS site and you are getting HTTP content then that is a bug which
we will fix.
Kevin pointed out that if he goes to the http version of a site his
"https everywhere" extension will send him to the https version.
Jon pointed out that that extension has been dropped and linked to the
EFF page which says "Now that world is closer than ever, with mainstream
browsers offering native support for an HTTPS-only mode."
>
https://developers.google.com/search/blog/2014/08/https-as-ranking-signal
> And that goes back seven years.
Back in 2014 we got a lot of emails from Google about moving to HTTPS.
Which we did, and issues they found, which we fixed. We still get
regular emails whenever there is anything that the self appointed rulers
of the Internet feel would hamper our SEO there.
So let's be clear what you are suggesting is that we remove the option
of having a http site on port 80 and force everyone to the https site on
443.
That will prevent claudio "vintage" computers from accessing the site
easily. It will also prevent low cost IOT devices like the ESP32's from
connecting to the site. They should all be using https as well but to
get the initial connection there is the http option available.
So given that Google have no issues with our current situation, and that
the EFF are happy as browsers will automatically redirect to the HTTPS
version, and that it will make life harder for hackers, I still see no
argument for turning off http.
Again what am I missing ?
--
Regards,
Ken Fallon (PA7KEN,G5KEN)
https://kenfallon.com
https://hackerpublicradio.org/hosts/ken_fallon
On 2021-12-16 07:28, Christoph wrote:
https://developers.google.com/search/blog/2014/08/https-as-ranking-signal
And that goes back seven years.
It's safe to assume that search engines like Google nowadays put more
and more emphasis on HTTPS vs. HTTP for the reasons mentioned. I
concur with Jon and other people that the advantages of the use of
HTTPS far outweigh the disadvantages - that's precisely the reason why
top-ranking sites have moved to a HTTPS-only approach
long ago.
So if we are serious about the episodes being found on search engine
result pages and thus improving HPR's popularity in general, I propose
putting a 301 in place.
Cheers, Chris
_______________________________________________
Hpr mailing list
[email protected]
http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org
_______________________________________________
Hpr mailing list
[email protected]
http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org
