Quote:
Originally Posted by ibara
I think it's a good idea to move to https.
Less about the password thing (tbh, I'd be much more worried about security flaws in vBulletin being exploited), and more about the fact that Google's algorithm is going to (if it hasn't already) punish non-https sites by demoting them in the rankings. I'd prefer this site not get punished.
|
Not quite correct. Google will demote a site that handles passwords, credit cards and other security related items that do not use encryption. Sites that do not need such things are not demoted.
Getting TLS up and running on a FreeBSD site running nginx is a piece of cake with the basic settings and using security/certbot and only takes a minute.