Simply had to keep this post here for future references:
HTTPS for WordPress from make.wordpress.org
Tags: https, wordpress
2015-01-08 at 08:45
This is a rather dated page. While encryption does inflict a CPU cost, it’s so low these days, that you can ignore it. Have a look at https://istlsfastyet.com/ .
Also, there are other advantages to switching the whole site to HTTPS. One is SEO. Google (and other search engines) have started giving a higher rating to the websites that are served over HTTPS. Have a look here, for example: http://searchengineland.com/google-starts-giving-ranking-boost-secure-httpsssl-sites-199446
Another advantage, albeit not precisely just HTTPS is SPDY (a prototype for HTTP 2.0). SPDY provides a variety of performance factors, for which the extra CPU cycles spent on encryption are a small price to pay. For a quick overview of those, have a look at http://daniel.haxx.se/http2/ .
Pretty much the only annoying bit about HTTPS these days is having to buy the certificate. But even this problem is about to be sorted out. Electronic Frontier Foundation (EFF) is organizing a few big names, like Cisco, Mozilla and Akamai to launch a new certificate authority this year, which will issue free SSL certificates. Read more about it here: https://www.eff.org/deeplinks/2014/11/certificate-authority-encrypt-entire-web
So, in summary, the WordPress page about HTTPS needs an update. But you are on the right track looking into this direction. 🙂
2015-01-13 at 17:05
Didn’t know about SEO upgrades towards treating HTTPS in higher rankings, thanks for this link!
I’m currently checking SPDY specs, not sure if there’s a place to use it so far, but definetely worth prototyping and benchmarking! 🙂
2015-01-13 at 19:35
I use SPDY already for most of my servers. Nginx makes things so much easier. 🙂
2015-01-14 at 11:34
I’d ask our admins if they’ve tried implementing it in our infrastructure 😉
This site uses Akismet to reduce spam. Learn how your comment data is processed.
© 2018 Andy's Cave
Theme by Anders Norén — Up ↑