Sitewide Security

SSL encryption enabled throughout

By Kevin RR Williams

WEBSITE Historically, encryption was reserved for transmitting payment information in online stores. Prompted by Google’s push for Internet security, in increasing number of sites (though few percentage-wise) are enabling sitewide security. The dual benefit is that it slightly improves Google search ranking and also encrypts browsing activity.

CNN tech: Congress just killed your Internet privacy protections

Some browsers display a green address bar when visiting sites with an Extended Validation (EV) Code Signing Certificate. Since the annual cost of this certificate can be 10 times more than other certificates, many secure sites will not show up green. In most cases, visitors will simply see a padlock icon.

Making a site truly secure involves more than just flipping a switch. An SSL certificate must be registered and maintained. Prior inbound links must be seamlessly handled. Structural non-secure links have to be modified or eliminated. Secure pages are not permitted within third-party or non-secure frames. Alerts can seem more serious than necessary when clicking a link that takes the visitor from a secure to a non-secure page on the same site. Protocols, domains, and ports must match. If something is not properly configured, a page may not load properly if at all.

Sitewide Security
Qualys SSL Labs: Security report for

Having said that, Mobify formats pages for mobile devices; therefore, sitewide mobile browsing currently is not able to take full advantage of SSL encryption until final checkout. FreeFind indexes content for sitewide Search.

The desktop site employs SSL on nearly every page. Sitewide Search is now on one non-secure page: Site Map. The storewide Find feature has been added to desktop blog pages. We have built in some pretty cool heuristics: You can now type in your frustration or praise and receive an immediate response; you can also type "contact page" or "status page" to be taken to the appropriate destination.

With over a thousand pages spanning more than seven years, it is possible that we may have overlooked other pages that fail to pass SSL requirements. Please let us know if you encounter unanticipated issues.

Protected by Copyscape