Google- Blogger Supports HTTPS For Custom Domains

Greeting for the Google bloggers. Google launched another milestone: Supports an https protocol Including redirection to HTTPS for a custom domain. Which allows transferring your blog from HTTP to HTTPS.

One of the good things is, Google provides free SSL certificate for the custom domain. No need to pay extra for third-party SSL providers, which cost more than 10$/year. Thanks, Google Blogger team!

Previously on 03 May 2016, Google announced HTTPS protocol only for its subdomain (.blogspot) and not for the custom domain. That update didn't fulfill all bloggers, especially who setup custom domains.

What Security TSL does Google Provide for the Custom domain?

All the security certificate provided by Google itself. You don't need to do any complicated task like generating, uploading certificates manually which might a headache for you. Google provides 128 bits AES (Advanced Encryption Standard) key. Using an algorithm called SHA-256 (Secure Hash Algorithm) which generate 256 bits (32bytes) hash. SHA is a one-way encryption - It cannot be decrypted back similar to MD5.

TSL (Transport Layer Security), encrypt electronic data before transmitting over the Internet.
Additionally, Google blogger support HSTS (HTTP Strict Transport Protocol). HSTS tells the browser to request HTTPS pages automatically, even user enter HTTP in the address bar.

Why Should You Move to HTTPS/SSL?

  • SSL Provides Trust to End Users
  • It encrypts all sensitive & non-sensitive Information
  • Increase your Site/Blog Ranking In Search Engine (Especially On Google)
  • Provides Data Integrity - Data cannot be modified or corrupted while transfer 
  • SSL provides Authentication - It protects against man-in-the-middle-attacks
  • Gaurd against the Phishing attack
  • Better for Security and Privacy

How to Enable HTTPS In Blogger

As I told earlier It is very simple to setup In blogger. It's just two click task. Blogger will take care of all the stuff.
Follow the listed steps to enable HTTPS.
  • Login to your Blogger Dashboard
  • Click on Setting Dropdown 
  • Go to Setting > Basic > & Look for HTTPS option
  • Select Yes under HTTPS availability do the same for HTTPS redirect.

It is better to move with HTTPS, to achieve SEO and security. Scroll down, take a quick overview of HTTP and HTTPS.
In a recent post on google security blog, Google made clear that starting July 2018, with the release of Chrome 68, It will mark all HTTP sites as not secured.

Quick Overview HTTP vs HTTPS

Port Used Default Port: 80 Default Port: 443
Full Form Hypertext Transfer Protocol Hypertext Transfer Protocol Secure
Security Unsecured Secured
Authentication Not provide Provide Integrity & privacy for visiters
Operates on Application layer Transport layer -TLS
Certificate Not Required Required SSL
Search Ranking Not provide SEO compared to HTTPS Helps to rank your site In search engines
Issue Not issue of mixed content Mixed content might while be migrating from HTTP to HTTPS
Data Transmission Normal Transmission from client to server Encrypt the Information to be transmitted before sending to the server
Possible Attacks Subjected to the man-In-the-middle attack It prevents the man-In-the-middle attack

1 comment:

  1. Thanks for inscribing this writing thorough post. You coated each angle, the nice issue is you'll be able to reference totally different components. It's heaps of key parts that actually makes it work.

    Offshore dedicated