Why do I need HTTPS security for my hosted website?
HTTPS (Hypertext Transfer Protocol Secure) is a level of encryption security that take place during the connection to the website you are visiting with your computer browser (Firefox, Chrome). Websites with HTTPS achieve this level of security with an SSL certificate (Secure Sockets Layer) installed on the hosted server. Viewing a site over a non-secure connection (HTTP) opens the interaction with a website to hackers/criminals that could intercept the data you send and receive through your browser window. Passwords, email addresses, anything typed into form fields can be intercepted. HTTPS encrypts that connection between the browser and website. This encryption make it more difficult for hackers to intercept the data sent between a computer browser and the website viewed.
Value of HTTPS for Search Engine Optimization
Recently, Google announced that HTTPS security would become a ranking signal with factoring search traffic. It’s inevitable that all websites will require HTTPS security. It is, therefore, important that your site makes the switch to HTTPS sooner rather than later. Several browsers are now showing ‘not secure’ messages when a website does not have an HTTPS connection. It’s easy to scare off website visitors! When presented with a notice of a possible security issue, it’s most likely a potential customer will switch to a website of your competition.
How to add HTTPS security to your website
You should be planning to make the switch to HTTPS in the coming year. Check with your hosting service (Website Domain Service or GoDaddy for example) to see what types of SSL certificates they offer. The level of security you need will tell you which SSL certificate to install. Website Domain Service offers a simple tool installation tool to make adding HTTPS to a hosted website easy. If you run into installation trouble or have questions, WDS also offers 24/7 phone support to assist with any possible installation questions.
Best Practices for improved SEO
Adding HTTPS to your website will give you a slight advantage against your competition that has not yet made the security upgrade. This security install, along with good site content, will improve your site ranking in organic search results.
“Your Hosting Provider has blacklisted the following plugins…”
No web designer wants to see this message when checking their managed wordpress accounts. Hosting servers such as Website Domain Service are working to protect the integrity of hosted accounts. Suspected plugins are sometimes deleted from user accounts.
In some cases the hosting service will “remove” a plugin that is suspected of being compromised, then email the administrator to let them know. “Better safe then sorry” said owner Joe Birch of In-House Graphics. “I like that my website hosting service is watching my back. Bad guys are always working to find a crack in a website.”
Plugins on the blacklist:
Note: This is not an exhaustive list of disallowed plugins. Just a list of the most used as of October 2017. It is a best practice strategy to remove these plugins even before your hosting platform does it for you. (Not all hosting platforms will perform this level of security. You should contact your hosting service to see what level of help they offer.)
|Plugin name||Category||More info|
|6scan-protection||Duplicate functionality||Abandoned/unsupported plugin with duplicate functionality|
|adminer||Duplicate functionality||See description of category below|
|adsense-click-fraud-monitoring||Performance||See description of category below|
|broken-link-checker||Performance||Instead, use client software on your computer or an external service|
|contextual-related-posts||Related posts||See description of category below|
|ezpz-one-click-backup||Backups||Abandoned/unsupported plugin with duplicate functionality|
|fuzzy-seo-booster||Related posts||See description of category below|
|google-sitemap-generator||Performance||Versions < 4.0 only — Instead use Google Sitemap or WordPress SEO.|
|google-xml-sitemaps-with-multisite-support||Performance||Instead use Google Sitemap or WordPress SEO|
|InfiniteWP Client||Security issues||Versions 1.3.8 and below – vulnerability details|
|jr-referrer||Stats||See description of category below|
|MailPoet||Security issues||Versions 2.6.6 and below — vulnerability details|
|p3-profiler||Unnecessary / nonfunctional||No longer receiving updates|
|portable-phpmyadmin||Duplicate functionality||See description of category below|
|referrer-wp||Stats||See description of category below|
|seo-alrp||Related posts||See description of category below|
|sgcachepress||Unnecessary / nonfunctional||From customers migrating from SiteGround, unneeded|
|similar-posts||Related posts||See description of category below|
|statpress||Stats||See description of category below|
|synthesis||Unnecessary / nonfunctional||From customers migrating from Synthesis, unneeded|
|toolspack||Security issues||Vulnerability details|
Note: We do not blacklist UpdraftPlus.
|w3-total-cache||Caching||See description of category below|
|wordpress-beta-tester||Unnecessary / nonfunctional||Non-functional on GoDaddy Managed WordPress Hosting|
|wordpress-gzip-compression||Duplicate functionality||See description of category below|
|wordpress-popular-posts||Related posts||Versions 3.1.1 and below|
|wp-cache||Caching||See description of category below|
|wp-cachecom||Caching||See description of category below|
|wp-copysafe-web||Security issues||Vulnerability details|
|wp-copysafe-pdf||Security issues||Vulnerability details|
|wp-engine-snapshot||Unnecessary / nonfunctional||From customers migrating from WP Engine, unneeded|
|wp-fast-cache||Caching||See description of category below|
|wp-fastest-cache||Caching||See description of category below|
|wp-file-cache||Caching||See description of category below|
|wp-phpmyadmin||Duplicate functionality||See description of category below|
|wp-postviews||Stats||See description of category below|
|wp-power-stats||Stats||See description of category below|
|wp-slimstat||Stats||See description of category below|
|wp-super-cache||Caching||See description of category below|
|wpengine-common||Unnecessary / nonfunctional||From customers migrating from WP Engine, unneeded|
|wponlinebackup||Backups||Abandoned/unsupported plugin with duplictate functionality|
|yet-another-featured-posts-plugin||Related posts||See description of category below|
|yet-another-related-posts-plugin||Related posts||See description of category below|