Hacker News new | past | comments | ask | show | jobs | submit login

We recently changed our existing clients site to 100% SSL when we launched their new site.

If only webmasters had an option to change http:// to https://, the entire move would have been slightly easier as "fetch as googlebot" returns "redirect" since we direct http:// to https://.

Apart from that, we've had no ranking loss for their keywords.




Take a look at HSTS. It effectively tells clients to try HTTPS first when a user types in your domain.

http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security


... after the first visit...


Unless your site is on the HSTS list (https://src.chromium.org/viewvc/chrome/trunk/src/net/http/tr... for Chrome, Firefox use the same list by verifying by connecting via HTTPS and checking for a long HSTS time.)


Right, unless your site is on the HSTS list AND all your users are using Chrome or firefox....

Which was basically my original point, which is that if you want your site to be generally accessible by just typing in the domain name, you still can't just turn off port 80...

Which I guess is why google.com itself is still reachable on port 80.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: