For a while now there’s been talk of Google favoring secure HTTPS pages in its results. We just noticed this week that any Google searches for content on our web site now return secure HTTPS URLs instead of HTTP:
It’s not clear when this happened but a quick check on our web server shows that nearly 75% of all connections were HTTPS:
Only a year or so ago HTTPS connections only made up about 10% of all connections. The percentage of HTTPS URLs being used is only going to increase as more people find HTTPS based results on Google and then share them in web pages, emails and social media.
So if your site supports based HTTP and HTTPS then HTTPS is now the most important in terms of optimising performance. The good news if that HTTPS isn’t necessarily much slower than HTTP and may be even faster if you support SPDY.
UPDATE July 7, 2014: There’s been a lot of interest in this post and some people have been jumping on the SEO implications of this. We’re not implying that your site will get ranked higher than other sites if you have HTTPS. What we’re saying is that if your site has both HTTP and HTTPS versions of the same content that Google will now return an HTTPS link. The biggest implication is that if you support HTTPS most of traffic will now be using HTTPS rather than HTTP.
UPDATE August 6, 2014 – Google has confirmed that HTTPS will be used as a ranking signal in Google Search.
The small screens of the iPad and iPhone don’t lend themselves to in-depth development tasks, but their mobility and convenience can be useful when tracking down problems in the field or providing support when you are out of the office.
Here’s a list of apps that you may find useful if you are involved in development or tech support: (Please let us know in the comments if there’s any we’ve missed)
Dropbox – iOS 7 doesn’t have a public file system for sharing files between apps. Dropbox is the best alternative until improved sharing features arrive in iOS 8. You can save files from Mobile Safari or Mail and then open them in other apps or PC/ Mac (Free)
Cloud based servers are great. You can quickly fire up new instances to scale up a web site or just to make deployment easier.
However, your new cloud server may not be as clean and new as you expect. The problem is that IPv4 addresses are in short supply and your cloud server provider will maintain a pool of addresses that get recycled when a cloud server is destroyed. So when you create a new cloud server, the IP address assigned to it may have some baggage from its previous owner.
We ran into this when we deployed a major update of our site to a new server. Not long after deployment we got a Google Alert about the presence of HttpWatch related content at site with a strange domain name – let’s say malwarecentral.com. The weird thing was that this site was an exact replica of our site:
The site must have had a high page rank in Google, perhaps through dubious SEO techniques. If we searched for ‘HttpWatch’ the site appeared as one of the first search results:
Using HttpWatch we checked the IP address used by the site and found that it was the same as our latest cloud server:
It wasn’t a copy of our site it was an existing DNS entry that was pointing at the same IP address as our server.
How could this have happened? The scenario may have gone something like this:
A simple way to avoid old DNS entries referring to your site is to remove the default binding that allows any hostname to be used. In IIS the entry looks like this:
Once it is removed only requests containing the hostnames that you specify will be able to load pages.
There may be other consequences to reusing an IP address on your cloud server. It may have been black listed by email systems if it was sending spam and it could be blocked from other web sites or services if it was engaged in Denial Of Service (DOS) attacks or hacking attempts.
This problem doesn’t exist with IPv6 because it has such a large address space that the cloud server provider could create a new address for every server instance without ever having to reuse addresses from deleted servers. However, in today’s world where IPv4 dominates it’s worth remembering that your cloud server’s IP address may come with some baggage.