New 2017 Security Website Changes

Share it with someone:

The New Year has arrived, along with all the new challenges it brings us. This year there will be a big push to get websites to change their operating mode from a standard unsecure data stream site to a secure data stream site using SSL technology. SSL stands for “Secure Sockets Layer,” which provides encrypted data from the Internet site you are visiting, to your web browser. You will know you have a secure connection when you see a locked symbol within your web browser’s address bar. This year Google, through their Chrome software and WordPress, through their ongoing platform development, will be pressing the issue. The recommendation from our website security provider is to convert over to SSL or begin loosing visitors do to all the disinformation and misinterpretation caused by many of the current Internet players. Thus, the cost of running a private website is now going up. The upside to this change will be better security for our visitors in the areas of logins, monetary transactions, E-mail communications and the simple transfer of our web page information to your web browser.

As of January 28, 2017, RCETC.COM has been operating using SSL technology. I am hoping the cost of SSL will drop as more websites come on-line using this technology; perhaps by next year we will have an answer to that hope.

The challenges to this conversion have been educational, while at the same time it will be a learning curve for our visitors. An explanation is required.

The issues with securing a web site are many, but to keep it simple, let us just say that on our site, the only unsecure issue is when we import third party content from another unsecure website. Web site content can only be secure when it’s produced internally on its own secured web domain, or it’s linked to another secure website that it pulls its web content from. The only way to resolve the unsecure content issue is to get the other web sites to convert to SSL technology. Time and money to do this are the issues for website owners. If someone has a large website, to go through all the pages and check their compliancy is very time consuming, as we discovered along the way.

Because we use outside content resources, we cannot wait on others to convert their sites. Therefore, we have taken the strategy of isolating as much unsecure images and content by moving it to their own web pages, which we list for you here: Our home page is unsecure because of some advertising image/links and two other features we use, both from the same website organization that produces our Christian movie reviews and commentary. On our “Interactive Links” page, we made some changes by removing the right side panel and moving the “Hot Christian Links” feature to its own page, along with our audio devotional player that was located on the home page. These two feature are accessible through a link on the “Interactive Links” page, under the link labelled “Christian Ministry Links.” Our “Stay Informed” page comes to you unsecure, even though you see all there is to see without taking any additional action. This is because the information delivered, comes to us secured, but the images shown are not secure when you click on them. (It is complicated, but the easiest way to explain it.) The last unsecure issue is with our “Trivia Bible Quiz,” which stands on its own page and has not been moved. All our web pages with this unsecure content, carries an explanation in how to access the content on those pages through your web browser. This brings us to the last issue of conversion—the educating of our visitors on how to view unsecure web pages or content on our site.

If you are using Internet Explorer and using the default settings, when you enter an unsecure website or individual web page with unsecure content, a popup window with a button will appear at the bottom of your browser, which will ask you if you want to “See all content.”  To view any unsecure content, you must press that button to give your browser permission to access that page’s unsecure content. This will occur every time you enter an unsecure web page on any site that is secure with mixed content.

The Firefox browsers works this way; if you want to view unsecure content on a secure site, just click on the lock symbol on the left side of your address bar, from there follow the prompts where you can enable or disable the “block unsecure content” feature.

Google’s Chrome browser works like this, when you enter a secure website with unsecure content or what we call a mixed page of content, there will be a shield with an “x” on it, located on the right side of your address bar. Click on that link, a popup window will open, and then click the “Load Unsafe Script” link. The issue we have with Chrome on this feature is, once you press this link, if you continue your visit to other secure web pages on the same secure site, their is no simple way to enabling the secure mode again on that same site. Only by closing and reopening your browser, this feature resets for your site. For this reason, we do not recommend the Chrome browser to view our website at this time. Chrome has been designed to work on an all secure Internet—an all the time scenario—leaving no room for the worldwide Internet to transition into a secure networking partnership, which could take several years, as things stand.

In the end, Internet Explorer and Firefox seem to be the best options for navigating the SSL network worldwide in current environments, allowing the user to select the option to enable or disable its SSL technology when needed. For more information on the enable/disabling instructions, we leave the following link:

https://pearsonnacommunity.force.com/support/s/article/How-to-display-mixed-content-with-Google-Chrome-Internet-Explorer-or-Firefox-1408394589290

Bookmark the permalink.