• Stop being a LURKER - join our dealer community and get involved. Sign up and start a conversation.

https secure connections

Transitioning to SSL / HTTP2 should definately come from the platform providers imo. It's such a huge undertaking, to leave it for dealerships to try to figure it out on their own just doesn't feel right to me. At Dealer Inspire our dev team works to ensure that each new website is properly secured at launch and we've migrated the vast majority of existing sites as well.

Aside from DI, I do know DealerOn recently switched to https and I've seen some DDC sites that were listed as secure as well - although I haven't heard if that is a part of a DDC initiative or if it was something that was requested by the individual clients (maybe someone here has that answer?). As far as I'm concerned, a more secure web is good for everyone. I'd love to see all the web providers in our space invest the time and resources to make the transition.
 
Waiting for CDK to roll out HTTPS like...

giphy.gif
 
We're paying $1,500 a year for a Symantec Norton SSL certificate, I'm hoping it will lead to a large enough increase in conversions to justify the cost. We'll find out soon enough :)
View attachment 3250

Are you hosting your own site or going through a service provider?
Maybe that would explain the markup


HTTPS is free. Every dealership website should be on HTTPS. It's very easy for your provider to update you to HTTPS. If customers are sending private information through your website, you should be using HTTPS - no exceptions, regardless of SEO or conversion benefits.

If you are a service provider, using free certificates is not as simple.
Most require a dedicated IP per domain name and as you may already know, the IPv4 range is in very short supply.
Multi-Domain SSLs tend to get expensive.

For all dealers:
If you use your website as a lead generation source, which every dealer does you should use HTTPS.
The simple fact is that you are collecting PII (Personally Identifiable Information) and there is risk of hackers intercepting that information on its way from your prospects browser to your (service providers) servers.
 
  • Like
Reactions: Alexander Lau
HTTPS is free. Every dealership website should be on HTTPS. It's very easy for your provider to update you to HTTPS. If customers are sending private information through your website, you should be using HTTPS - no exceptions, regardless of SEO or conversion benefits.
It's not always free and you're right, it's more about security than SEO.

Auto platforms should be doing it by default, but not all platforms care about secure data transfer (especially the ones that utilize 3rd party add-ons or scripts that embed secure apps; granted that doesn't always mean they are 100% safe). They should, but don't always. It has to make business sense to them = they aren't going to spend a red cent more than they have to, if not absolutely required.
 
Last edited:
Looks like Google will start penalizing unsecured http sites harder starting October.

https://seo-hacker.com/google-adopt-https/

As Ryan pointed out, the bigger issue may be that Chrome will start labeling sites as "NOT SECURE".

What Ben and Ryan said. Clicks to your website from search or 3rd party via Google Chrome will likely reach the screen below. Your website provider should be addressing this with you. It has been a topic of discussion since late last year in SEO/web design circles.

It isn't necessary to pay a lot for an SSL certificate. If you own your own domain, your domain provider or should be able to set it up for you. If not, ask your web host to do it. If you have a Wordpress website or a self-hosted site, get your domain provider's help with this. It can break all of your image links, etc. if you don't know how to implement it. Really Simple SSL is a good tool for Wordpress.

Edited to add: An e-commerce-level SSL solution is more important if you take SSNs or credit card information on your main website.



iCloud-chrome-untrusted.png
 
Last edited:
What Ben and Ryan said. Clicks to your website from search or 3rd party via Google Chrome will likely reach the screen below.

View attachment 3328

I think there's some confusion here, unless I'm missing some big secret.
What I understand is that Google will alert the user that the page is insecure, but this alert will be in the URL bar at the top.
This alert is not going to be an experience breaking alert, it's a fairly discreet notice.
I 100% support SSL for all sites, but I don't think consumers will notice this warning after seeing it on 50% of sites after a month or 2.

upload_2017-9-22_11-23-56.png
 
  • Useful
Reactions: Alexander Lau
I think there's some confusion here, unless I'm missing some big secret.
What I understand is that Google will alert the user that the page is insecure, but this alert will be in the URL bar at the top.
This alert is not going to be an experience breaking alert, it's a fairly discreet notice.
I 100% support SSL for all sites, but I don't think consumers will notice this warning after seeing it on 50% of sites after a month or 2.

View attachment 3329
Exactly.