Closed elondaits closed 8 years ago
Before moving all traffic to https it's important to optimise the site as much as possible to diminish the impact of the extra encryption.
Consider the use of a CDN to server static content (esp. images) through SSL and see #101
https is now used for ALL users.
As all the web is soon migrating to https (various ongoing projects to accomplish this over 2015-2016, Google will also be ranking https sites higher) Imaginary should too. Access through public / unsafe connections is much the norm now and http connections not only expose user data but makes them vulnerable to all sort of data injection (ads, malicious scripts, etc.)
The first step would be to redirect all registered user access to https.