I’ve run into some questions about applying SSL encryption to sites that “don’t have anything sensitive that needs to be encrypted.”
Ok. That may be reason enough for some of us. However, there are better reasons to require HTTPS that I would like to explore here. In the coming weeks, I will outline some trade-offs. What will this extra cost and configuration time really buy us?
You can see with this site, just turning it on isn’t the last step – https://www.centralohiotechsupport.com/ – no one likes those certificate warnings!
SSL Labs doesn’t exactly give me a passing grade – https://www.ssllabs.com/ssltest/analyze.html?d=centralohiotechsupport.com