Miscellany for September
We’ve had a pretty productive month. New sites are getting completed, we’re taking over a blog for our favorite author, and we’ve cleaned up a whole lot of baby-related messes. Also, we seem to have redesigned our primary sites… again. Pretty much par for the course at PureNyx.
In this month’s miscellany we’ll discuss a rather important change Google is about to make in their search ranking algorithm, detail the results of our major new theme upgrade, and talk a bit about how our infrastructure compares to a real heavy hitter.
When Google Says “Jump!”…
There’s little doubt that Google has immense influence over web standards. Given that they control the most popular search engine, the most popular web browser, and the most popular mobile operating system, when they say “jump” website owners either have to comply… or get knocked off their feet. They seem to do a fairly good job restraining themselves and don’t often overuse their power, but that doesn’t mean it’s always easy to follow their lead.
For instance, for the last couple years they’ve been working to increase the prevalence websites using SSL/TLS encryption. Since the web began, unencrypted traffic was the norm and secure certificates were only deployed when necessary. Google wants to make that “when necessary part” into “all the time.” They’ve done a lot to educate website owners about encryption, participated in consortiums to create easier SSL certificate issuance, subtly changed the way Chrome and Android inform users of encryption, and offered a major carrot by giving an SSL bonus in search rankings rankings. Now they intend to use the stick by outright referring to HTTP sites as “Not Secure”.
In a recent post at Google’s blog, they explains how Chrome currently informs users of the presence, or lack, of a valid SSL certificate. They also detail how they intend to change things at the beginning of 2017. For sites without a secure certificate, the red warning icon and “No Secure” label right next to the address is going to be a bit embarrassing. This will only affect users of the Chrome web browser… but of course that ought to be about half of your visitors. If history is any guide, the other half might end up seeing the same thing in the event that Microsoft, Apple, and Mozilla follow suit.
Luckily, PureNyx has you covered. We’ve been focused on increasing the use of SSL among our clientele for the last couple years, in part because we knew this sort of thing was eventually going to happen. We introduced premium SSL for any site desiring it more than three years ago, then halved its price soon thereafter. Two years ago, we introduced free Cloudflare FlexSSL for all sites with a domain managed through our Cloudflare account. We took our specialty networks entirely secure soon afterwards, like the Cybernetic Advisor sites for financial professionals. Our own sites have valid certificates, but do not yet enforce them. We’re most of the way to full SSL coverage now, and we have a plan to get the rest of the way there by end of year.
For those clients without SSL you’ll be hearing the details over coming months. For most clients using our premium $50 SSL, you may be able to renew for free next year (it will depend on your site features). Our managed DNS users will still see CloudFlare certificates on their sites, but a second certificate will be issued server side for extra security. Regardless of which category you fall into, you won’t have to deal with clients asking why your site is “Not Secure”!
Front-end Editing Is Here!
In last month’s Miscellany, I’d mentioned a pending update to our primary theming tool – Divi. It included a variety of new features we’d pretty much been pining for. Despite our nervousness over the size and complexity of the update, it went well and we’ve now deployed Divi 3 to our entire network.
Well… Divi 3.0.11 as of today. There were a few bug-fixes.
For most clients, the new Divi won’t change anything about their current process for using or updating their website. All the administrative features are more or less the same, especially for adding new posts or updating pages from the back end. However, there is now an alternate, and totally new, way to do those same old tasks… Front-end Editing!
Now, logged-in administrators will see an “Enable Visual Builder” button when visiting page of their site. Choosing this option will allow the admin to make changes to text, drag and drop existing blocks of content on the page, or even add/delete entirely new blocks. It’s perfect for making quick spelling or grammar changes and, with a bit of practice, offers an entirely new way to do visual design.
If you’d like to learn more, contact us! We’d be happy to help you use the new Divi features, or even help you switch your legacy site to a Divi framework.
In The Company Of Microsoft
We answer a lot of questions from prospective clients about our security and infrastructure. We’re often asked why we use open-source tools instead of commercial, proprietary products. Sometimes we’re even asked why we host our sites on a service using an open source web server stack instead of using Microsoft’s enterprise Windows Server. These questions are based on a misconception that commercial tools are automatically superior to, and safer than, open source counterparts, so historically I’ve spent time correcting that mistake.
It’s fairly easy to explain how large open projects have garnered significantly greater resources than closed counterparts- Linux and Android are obvious examples nowadays. It’s also simple to demonstrate how the open notification of bugs in open source tools lead to greater awareness and faster patches, not to mention how open code makes it simpler to find and understand bugs in the first place. Most people are aware that commercial software has plenty of its own security problems and the regular updates introduced by most companies, think Windows Update Wednesdays, is an attempt to quietly correct them. Most people have also heard news stories about zero-day exploit markets and government sponsored attacks using bugs they “asked” the company to introduce.
I usually make my point without too much trouble, but I think in the future I might just cut to the chase and point to a news story that came out last month. Microsoft, the historical paragon of closed source power, moved most of their public blog network to the exact same structure we use. We’re talking tens of thousands of sites, covering well known developer-oriented properties like TechNet and MSDN as well as end-user sites like the Office blogs. Our hosting partner, WP Engine announced the move in their e-magazine – Torque.
We’re doing the same thing as Microsoft… except we were about 5 years ahead of them! They are literally using the same software, in the same way, on the same hosting platform.
However, it’s not really terribly surprising. Open Source is the bee’s knees nowadays. Companies like Google and Facebook are building huge businesses on open source frameworks and giving away core parts of their internal technology just to reap the whirlwind when hordes of developers descend to use and improve the tools. Even ultra-closed firms like Apple have long sponsored open platforms that led to things like the Safari and Chrome web browsers. We didn’t so much create a new method or find a diamond in the rough- we more just recognized that the largest open-source projects would be more likely to become the most important, and went along for the ride.