SSL Defined by Kinetic KnowledgeDefine SSL … For The Layperson

Let’s define SSL, which stands for Secure Socket Layers. Typically, when you look at a web page URL in your browser you see HTTP://www.URL.com. The ‘HTTP’ stands for ‘HyperText Transfer Protocol’ and that’s techie- speak for ‘how information is shared between a person’s browser and the website server, Better yet, it is the connection someone makes via browser to your website.

Now add an ‘S’ to make that HTTPS://www.URL.com and you have ‘HyperText Transfer Protocol Secure’, which encrypts information shared between the browser and website server. ‘SSL’ or that ‘S’ is the standard technology for establishing a secure connection between a human’s browser and the website server.

This kind of security became particularly relevant in 2014 when the ‘Heartbleed bug‘ became public knowledge. It allowed nefarious people (= hackers or spies) to listen in on traffic; it enabled an ability to read the data exchanged. The bug was patched, but the incident determined that encrypting user information over the internet was & is necessary. Google feels that it should NOT be an option because SSL protects all website visitors. In some cases, it protects YOU when logging in to your own website!

SSL is not website security, for instance where firewalls identify nefarious IP addresses and block them from visiting the site. No, SSL only protects the web visitors’ connection from the browser to the website. 


But What Does SSL Really Do?

When the link between browser and website server is ‘SSL’ it ensures that all information passed between the two remain private. When a page is only ‘HTTP:’ it is possible that third party computers can get between a browser and website connection and see the information exchanged. A huge issue, for instance, if a visitor to a website is passing sensitive data like credit card information into a purchase form. When SSL is used the information becomes encrypted or unreadable to all but the website host server receiving the information.


Why Is Google After Us All To SSL Our Website Pages?

Nowadays Google’s Chrome browser adds an icon upper left to distinguish sites with SSL from those without. Some would argue the folks at Google are doing their best to inform and motivate safety online. Others would argue keeping everyone safe is good for Google’s business. It’s likely that no one would argue that safety online is anything but good; so the question becomes how to motivate website owners to set about protecting their visitors?! Solution: try the insecure icon (i) Google Chrome now uses to point out that a site is not HTTPS:// in order to help motivate these same website owners. And certainly, it is good for those of us who’d like to use the Internet without concern for our own information theft.

And so Google’s influence has become a driving factor in SSL adoption. Especially because they announced it was going to add the use of SSL as a ranking signal for comparing website pages. They didn’t say where the weight of the signal sits in what is universally believed to be as many as 200 ranking signals, but we can probably assume (at least) for E-Commerce websites it’s high. For the balance of websites maybe not so much yet, BUT if not it is going to become highly weighted for all sites soon.

Detail: starting in 2017 Google Chrome (the browser) is adding a prominent locked icon (upper left) to its browser for when a page is ‘HTTPS’, regardless of whether or not it is e-commerce capable. When not, the icon says “insecure”. There are a number of different SSL certificates you can choose from, some determined by need, some related to hosting and each offers various levels of trust at different costs with varied execution requirements. 


Will SSL Suffice So Far As Web Security Goes?

SSL is not equal to all the security one needs! What’s more, SSL is about protecting visitors to a website and NOT the website owner herself.

NOTE: there is no security absolute! The security threat landscape always evolves. Security is about risk reduction, not risk elimination because the risk will never be zero. Check out The 4 Areas Of Security Businesses Need To Manage to see more on this. 

Security is a continuous process; it is as much about securing and hardening a local environment, the user’s online behavior, and personal internal processes, as it is physically tuning and configuring website connections and installations. Security stems from three things: people, process, and technology. They’ve got to work in synchronous harmony to truly minimize the risks at hand. More soon!!

on duplicate content

On Duplicate Content

We get the question, “may I duplicate content I believe will be valuable to my audience?” quite often. Our answer is always the same: duplicating someones content is never a good practice. Plagiarism can, in some cases, involve liability for copyright infringement. And while Google isn’t interested in policing it, in certain circumstances plagiarism will get a website tossed from the search indexes.

There is a safe practice for copying someone else: If the content is truly valuable to an audience then excerpt & block quote the piece, then credit the author with a live link to her page or post.  

 

How Google Defines Duplicate Content 

To be specific, let’s go to the source / Google for their definition: “… substantive blocks of content within or across domains that either completely match other content or are appreciably similar.” They also say, “Most of the time when we see this, it’s unintentional or at least not malicious in origin… In some cases, content is duplicated across domains in an attempt to manipulate search engine rankings or garner more traffic via popular or long-tail queries.”

They go on to add you should not concern yourself with occasional snippets or quotes being identified as duplicate content, but in the event you are removed from the search results you must then review webmaster guidelines in order to define then deal with the situation. Once you’ve corrected the problem based upon those guidelines, and the site is in order, you can submit for reconsideration.  


Google Duplicate Content Practices

Apparently, during spider crawling and then the serving up of search results, Google trusts their algorithms to rank similar pages correctly. The say, “When filters identify an intent to manipulate rankings or to deceive searchers, the appropriate ranking adjustments are made.” *And Google readily admits they’d rather rely on their automated- filters than on making manual rank adjustments. Because they don’t define a threshold for “adjustments” good logic might place the range of adjustment anywhere between a lesser rank to removal. Your logic is as good as ours, but no one’s time, effort, money and / or future business is worth the risk that comes with duplicating content irresponsibly. Simply put, just don’t!

According to SEOMoz.org’s Eric Enge in his post ‘When Duplicate content really hurts’,

“Conventional wisdom among experienced SEOs is that there is no such thing as a duplicate content penalty. There are exceptions to this rule. Search engines implement a filter… there is apparently a duplicate content threshold where Google’s filter will identify and actually penalize a site.” He says, “I write this based upon a combination of hearsay and also some experience we’ve had we could only speculate about.” Enge also warns that Search Engine spiders only visit with so much crawl bandwidth or what he refers to as budget. If you waste those crawls on content that won’t be indexed successfully, you are sacrificing other useful content that could have been indexed.

In a similar instance we saw a business copy all the lead stories from their local newspaper, despite our warnings against such practices. One day they disappeared from the search engine results pages [SERPs] eliminating any potential visibility. And let’s face it, consumers are researching your service for it’s value & accountability. The risk of their disapproval should be a concern.

Duplicate Content Summarized

Regardless of what one can and cannot get away with, demonstrating a trustworthy, knowledgeable presence on the web is what appeals to most people. If the search engines don’t penalize you for cheating, the humans most certainly will!