Why do I need HTTPS security for my hosted website?

HTTPS (Hypertext Transfer Protocol Secure) is a level of encryption security that take place during the connection to the website you are visiting with your computer browser (Firefox, Chrome). Websites with HTTPS achieve this level of security with an SSL certificate (Secure Sockets Layer) installed on the hosted server. Viewing a site over a non-secure connection (HTTP) opens the interaction with a website to hackers/criminals that could intercept the data you send and receive through your browser window. Passwords, email addresses, anything typed into form fields can be intercepted. HTTPS encrypts that connection between the browser and website. This encryption make it more difficult for hackers to intercept the data sent between a computer browser and the website viewed.

Value of HTTPS for Search Engine Optimization

Recently, Google announced that HTTPS security would become a ranking signal with factoring search traffic. It’s inevitable that all websites will require HTTPS security. It is, therefore, important that your site makes the switch to HTTPS sooner rather than later. Several browsers are now showing ‘not secure’ messages when a website does not have an HTTPS connection. It’s easy to scare off website visitors! When presented with a notice of a possible security issue, it’s most likely a potential customer will switch to a website of your competition.

How to add HTTPS security to your website

You should be planning to make the switch to HTTPS in the coming year. Check with your hosting service (Website Domain Service or GoDaddy for example) to see what types of SSL certificates they offer. The level of security you need will tell you which SSL certificate to install. Website Domain Service offers a simple tool installation tool to make adding HTTPS to a hosted website easy. If you run into installation trouble or have questions, WDS also offers 24/7 phone support to assist with any possible installation questions.

Best Practices for improved SEO

Adding HTTPS to your website will give you a slight advantage against your competition that has not yet made the security upgrade. This security install, along with good site content, will improve your site ranking in organic search results.

Blacklisted plugins

“Your Hosting Provider has blacklisted the following plugins…”
No web designer wants to see this message when checking their managed wordpress accounts. Hosting servers such as Website Domain Service are working to protect the integrity of hosted accounts. Suspected plugins are sometimes deleted from user accounts.

In some cases the hosting service will “remove” a plugin that is suspected of being compromised, then email the administrator to let them know. “Better safe then sorry” said owner Joe Birch of In-House Graphics. “I like that my website hosting service is watching my back. Bad guys are always working to find a crack in a website.

Plugins on the blacklist:

Note: This is not an exhaustive list of disallowed plugins. Just a list of the most used as of October 2017. It is a best practice strategy to remove these plugins even before your hosting platform does it for you. (Not all hosting platforms will perform this level of security. You should contact your hosting service to see what level of help they offer.)

Plugin name Category More info
6scan-backup Backups Abandoned/unsupported plugin
6scan-protection Duplicate functionality Abandoned/unsupported plugin with duplicate functionality
adminer Duplicate functionality See description of category below
adsense-click-fraud-monitoring Performance See description of category below
broken-link-checker Performance Instead, use client software on your computer or an external service
contextual-related-posts Related posts See description of category below
clef Security Abandoned/unsupported plugin
ezpz-one-click-backup Backups Abandoned/unsupported plugin with duplicate functionality
fuzzy-seo-booster Related posts See description of category below
google-sitemap-generator Performance Versions < 4.0 only — Instead use Google Sitemap or WordPress SEO.
google-xml-sitemaps-with-multisite-support Performance Instead use Google Sitemap or WordPress SEO
InfiniteWP Client Security issues Versions 1.3.8 and below – vulnerability details
jr-referrer Stats See description of category below
MailPoet Security issues Versions 2.6.6 and below — vulnerability details
p3-profiler Unnecessary / nonfunctional No longer receiving updates
portable-phpmyadmin Duplicate functionality See description of category below
referrer-wp Stats See description of category below
seo-alrp Related posts See description of category below
sgcachepress Unnecessary / nonfunctional From customers migrating from SiteGround, unneeded
similar-posts Related posts See description of category below
statpress Stats See description of category below
synthesis Unnecessary / nonfunctional From customers migrating from Synthesis, unneeded
the-codetree-backup Backups Abandoned/unsupported plugin
toolspack Security issues Vulnerability details
updraft

Note: We do not blacklist UpdraftPlus.

Backups Abandoned/unsupported plugin
w3-total-cache Caching See description of category below
wordpress-beta-tester Unnecessary / nonfunctional Non-functional on GoDaddy Managed WordPress Hosting
wordpress-gzip-compression Duplicate functionality See description of category below
wordpress-popular-posts Related posts Versions 3.1.1 and below
wp-cache Caching See description of category below
wp-cachecom Caching See description of category below
wp-copysafe-web Security issues Vulnerability details
wp-copysafe-pdf Security issues Vulnerability details
wp-engine-snapshot Unnecessary / nonfunctional From customers migrating from WP Engine, unneeded
wp-fast-cache Caching See description of category below
wp-fastest-cache Caching See description of category below
wp-file-cache Caching See description of category below
wp-phpmyadmin Duplicate functionality See description of category below
wp-postviews Stats See description of category below
wp-power-stats Stats See description of category below
wp-slimstat Stats See description of category below
wp-super-cache Caching See description of category below
wpengine-common Unnecessary / nonfunctional From customers migrating from WP Engine, unneeded
wponlinebackup Backups Abandoned/unsupported plugin with duplictate functionality
yet-another-featured-posts-plugin Related posts See description of category below
yet-another-related-posts-plugin Related posts See description of category below