The rollout of SSL, for "blogspot.com" published blogs, continues.
All "blogspot.com" published blogs will now offer HTTPS connectivity , to the reader. The choice, offered to the blog owner, is now whether to force every reader to use SSL - and the dashboard option is now labeled "HTTPS Redirect".
You can force your readers to use SSL, to access your blog - but will that make them more secure?
Every blog will offer SSL connectivity, to readers who use "HTTPS:" URLs.
The dashboard option is now "HTTPS Redirect".
The choice is now whether to force "HTTPS:" upon each reader - or allow some to continue to read, using "HTTP:".
If you select HTTPS Redirect, you will be limiting your reader population.
Some readers access our blogs, by using free proxy servers - and most proxy servers, when they offer HTTPS, offer it as a premium (with a paid subscription). You are entitled to require everybody to use SSL, if you wish - but you may see reader activity drop, as readers using free proxies find other blogs and websites to read.
Everybody will see the "HTTPS:" alias - with "HTTPS Redirect" set to "Yes".
My personal favourite connectivity diagnostic tool, Rex Swain HTTP Viewer, won't work with blogs that only support "HTTPS:" connectivity.
No "HTTP:" diagnostics, for "HTTPS:" redirected blogs.
The "www" alias of a "blogspot.com" published blog will not work, using SSL .
Using the "www" alias, of a "blogspot.com" URL, will not work - with "HTTPS Redirect" set to "Yes".
Forcing SSL will not make your blogs readers more secure.
Use of "HTTPS Redirect", while nominally making your readers more secure , will limit access to your blog.
Offering SSL connectivity is good for everybody - but understand the limitations.
Enjoy offering SSL connectivity - and improved search engine reputation. But keep it in perspective.
People who explicitly use "HTTP:" to access your blog, and are vulnerable to hijacking, will see an imposters blog - even if your blog forces them to use SSL. Only people who explicitly use "HTTPS:", to access your blog, will predictably see your blog - and they won't benefit from being forced to use SSL.
As #Blogger continues the rollout of SSL to "blogspot.com" published blogs, they have changed the HTTPS option. All blogs which support SSL will offer "HTTPS:" connectivity, and the option will be to allow explicit access, using "HTTP:".
You may do well to consider what benefits you get, from forcing your readers to use SSL to access your blog.
All "blogspot.com" published blogs will now offer HTTPS connectivity , to the reader. The choice, offered to the blog owner, is now whether to force every reader to use SSL - and the dashboard option is now labeled "HTTPS Redirect".
You can force your readers to use SSL, to access your blog - but will that make them more secure?
Every blog will offer SSL connectivity, to readers who use "HTTPS:" URLs.
The dashboard option is now "HTTPS Redirect".
The choice is now whether to force "HTTPS:" upon each reader - or allow some to continue to read, using "HTTP:".
If you select HTTPS Redirect, you will be limiting your reader population.
Some readers access our blogs, by using free proxy servers - and most proxy servers, when they offer HTTPS, offer it as a premium (with a paid subscription). You are entitled to require everybody to use SSL, if you wish - but you may see reader activity drop, as readers using free proxies find other blogs and websites to read.
Everybody will see the "HTTPS:" alias - with "HTTPS Redirect" set to "Yes".
My personal favourite connectivity diagnostic tool, Rex Swain HTTP Viewer, won't work with blogs that only support "HTTPS:" connectivity.
http://www.rexswain.com/cgi-bin/httpview.cgi?url=http://nitecruzr-test-ssl.blogspot.com/&uag=Mozilla/5.0+(X11%3B+CrOS+armv7l+7834.70.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2623.112+Safari/537.36&ref=http://www.rexswain.com/httpview.html&aen=&req=GET&ver=1.1&fmt=AUTO
No "HTTP:" diagnostics, for "HTTPS:" redirected blogs.
The "www" alias of a "blogspot.com" published blog will not work, using SSL .
Using the "www" alias, of a "blogspot.com" URL, will not work - with "HTTPS Redirect" set to "Yes".
Forcing SSL will not make your blogs readers more secure.
Use of "HTTPS Redirect", while nominally making your readers more secure , will limit access to your blog.
- Readers, using proxy servers, may not be able to access your blog.
- Diagnostics of blog problems, using proxy servers, will be limited.
- Readers who bookmarked your blog, using the "www" alias, will not be able to access it.
- Readers who are vulnerable to hijacking, when using "HTTP:", will not access your blog.
Offering SSL connectivity is good for everybody - but understand the limitations.
Enjoy offering SSL connectivity - and improved search engine reputation. But keep it in perspective.
People who explicitly use "HTTP:" to access your blog, and are vulnerable to hijacking, will see an imposters blog - even if your blog forces them to use SSL. Only people who explicitly use "HTTPS:", to access your blog, will predictably see your blog - and they won't benefit from being forced to use SSL.
As #Blogger continues the rollout of SSL to "blogspot.com" published blogs, they have changed the HTTPS option. All blogs which support SSL will offer "HTTPS:" connectivity, and the option will be to allow explicit access, using "HTTP:".
You may do well to consider what benefits you get, from forcing your readers to use SSL to access your blog.
