Jump to content


Photo

Isn't an SSL certificate impossible for a site on a shared server?

SSL https server shared url security seo

  • Please log in to reply
3 replies to this topic

#1 fjpoblam

fjpoblam

    Member

  • Members
  • PipPip
  • 65 posts

Posted 17 December 2015 - 05:25 PM

Google (and Firefox and EFF) have long encouraged "HTTPS everywhere" to protect web travelers from unsafe sites. Google now says it will by default give "https" URLs preferred weight in searches: http://googlewebmast...by-default.html

It is my impression that:
- Acquiring an https URL for a site involves SSL certification.
- Acquiring SSL certification is expensive.
- Acquiring SSL certification is impossible for a site on a shared server.

My site is simple-minded: a blog plus an About page (and, yes, error pages 400, 401, 403, 404, 500; and a sitemap). No commerce. Nonetheless, Wordpress presents a "search" when a tag is "not found"so that's a form and I suppose could deserve encryption...

I'm no SSL heavyweight. But I'd like site visitors to be and feel safe, and I'd like not to cripple my SEO. Advice?
  • 0

#2 ericr

ericr

    Staff

  • Staff Administrator
  • PipPipPip
  • 224 posts
  • Gender:Male

Posted 17 December 2015 - 05:33 PM

-  The certification required for basic ssl is only that you are who you say you are and that you own the domain.
-  SSL certificates can be expensive depending on what you choose.  Our certificates start at $35 a year.  However, there are other sources that you can purchase a certificate from that you can use.  As long as you can add the certificate using the SSL/TLS wizard in cPanel you can use it.
-  SNI was added to the ssl specification quite a few years ago.  SNI provides the ability to have a unlimited number of SSL sites on the same IP.  So it is a myth that it is impossible or requires a dedicated IP on modern servers.

 

If you desire you can even take a simpler route.  Just put your site behind cloudflare. Then you can let cloudflare do all the work on getting the basic SSL needs met.  You can find details on how they handle SSL here: https://blog.cloudfl...-universal-ssl/


  • 1

#3 fjpoblam

fjpoblam

    Member

  • Members
  • PipPip
  • 65 posts

Posted 17 December 2015 - 06:53 PM

I truly thank you, ericr, for your prompt and detailed response. I'll bookmark the cloudflare site, and read your response with great attention so that I may, I hope, understand which path is most appropriate for my blog. You have always been a great help, and I appreciate it.
  • 0

#4 SBell

SBell

    Newbie

  • Members
  • Pip
  • 5 posts
  • Gender:Male
  • Location:UK
  • Interests:HTML JAVASCRIPT CSS MYSQL PHP

Posted 30 December 2015 - 10:10 AM

We have just installed our SSL certificate on a shared server, it was a bit of hassle but well worth it. Certificates don't have to be expensive if you are not selling products. Word of advice though, if you cover all access points like forms, anywhere where the user can input information, make sure those url's are served as https then you have covered your bases for safe data transactions. Google should not penalise you for not having an https home page UNLESS there is a user interface on that homepage, or any type of form that can be filled out and sent.


  • 0

Web developer: www.bellsdomestics.co.uk






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users