Downside of https (ssl) only site?

Is there any side effect of having only ssl connection to the site?
I see that teksyndicate do a permanent redirect to the https site, i'm planning to do the same, but i'm worried it might have negative effects.
Is it possible that i loose users because ssl is blocked? or because they use and older browser?

Nobody should be using a browser which doesn't support at least some sort of ssl. You may lose users if you set the cipher suite too high or only allow tls1.2 but just using ssl only shouldn't prevent anyone from accessing your site.

You should have a look at configuring your ciphers so you don't use any vulnerable ones while maintaining high compatibility.

Also remember that if you're using a self signed certificate then people visiting your site will be met with an error pages telling them that the certificate can't be trusted.

Thanks!
I'm using a cert from startssl.com , and it works great, i already have SSL configured and working.
I might have to take a look at the used ciphers thought!

I'm on my phone so I don't remember the specifics, but unless you have users on XP there is no excuse for anyone not being able to use a secure TLS implementation. All other systems should support at very least TLS 1.1 and secure cyphers.

If your implementing the TLS on the server the ssllabs SSL/TLS best practice's guide is useful https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices.pdf

SSL has actually has a significant SEO bonus on Google search. There aren't any negatives that I've experienced/found in the last 5 years of developing.

You know I was just surfing around for this information today, but I couldn't find a good source. I currently run a home apache server. My cable company blocks port 80, so I have a redirect to a different port, but I cannot use URL masking because it is a giant iframe and this destroys the mobile view so I have my IP address exposed in the address bar after users are redirected.

That said, I recently discovered my cable company does not block port 443 (https). However, as with any https site that doesn't have an SSL certificate, I get the red box warning about visiting my site. Except I honestly don't have the first clue on how to set up an SSL certificate and the first few searches I did (I'm at work so I haven't looked too deeply into it), yielded no good results.

If anyone can point me to a good site / video on how to set it up, I would be grateful.

Thank you friends!

See my link above.

For a valid certificate you need it to be signed by a trusted third party or like you've noticed you get a red screen on chrome telling you to run away. You usually have to pay for this, you might want to keep an eye out for letsencrypt which is coming soon and should be accepted in browsers.

beware of Linux?

Encryption also prevents eavesdropping, it may also be necessary for read only information if that information needs integrity guaranteed.

Thanks, I kept seeing $$ to get white listed but I was hoping for a better alternative. I'll check your link out for sure. Thanks for your time!

I didn't know that, that sounds great!

Pretty much what @Eden said. Sense letsencrypt isn't out yet I'd recommend looking at buying an SSL Cert from namecheap, I usually get this Rapid SSL one https://www.namecheap.com/security/ssl-certificates/rapidssl/rapidssl.aspx.

If you're running your server on linux a this should be pretty accurate to install the SSL Cert. https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04

1 Like

Also, your reply is slightly off topic. I am not saying you did anything wrong. I am saying this is a perfect example to use the "Reply as linked Topic" featured which can be done by hovering over the white space on the right side of the forum.

Does that make sense? You're question is inspired by the topic but can be better addressed in it's own? :)