If you don’t already know, if your website is not secure with SSL, most browsers will show a malicious website warning to site visitors AND Google will penalize search engine ranking.
The following should all resolve to a secure site:
But, they don’t. It’s really just a little .htaccess code that should be added to every site on Wine Direct.
I’m troubled that the Wine Direct team cannot resolve ALL versions of website domains to https://
Here’s their response to my email:
We operate a redirector server that redirects traffic from bare domains (AKA root domains) to their www counterpart. For example, redirecting requests from http://pinewines.com to http://www.pinewines.com. This server does not support HTTPS connections. For example, try this link: https://pinewines.com (Notice that this URL is using HTTPS). This link will always timeout and fail. Try http://pinewines.com instead. This is simply a limitation of our redirector. There is no plan to change this.
Every hosting company out there does this. Wine Direct needs to find a way to do this, too.
Does this mean that winedirect does not support HTTPS
connections with the exception of the store?
Does this mean I have to go to a different host to get a
certificate and then install it or do I have to move my domain. sorry if these are stupid questions but I have been tasked with getting the SSL and I don’t have a grasp of the topic.
If you look in Settings > Website Settings and scroll down the Settings tab, you will come to an area that allows you to select SSL Everywhere. If I’m not mistaken, that will provide the experience you are looking for.
I don’t believe this response. WineDirect/Vin65 has been supporting SSL on the platform for years. I’d reconnect with the support team and direct them to their own support documentation.
@wendy We do support https. By default it will be used on any pages requiring security such as member account pages and checkout and it can also be enabled across your entire website as Jeff mentioned in the Website Settings (or you can reach out to support to turn it for you.)
We don’t have any plans to support https on our redirector currently, but you can choose to point your root domain elsewhere and it won’t have an impact on our service.
https://douxvin.com (or using your example) https://pinewines.com ARE THE MAIN urls for the websites. It’s the url that MOST people enter manually. And for them to not be resolved https:// damages Google ranking. I don’t understand how this is hard to fix GLOBALLY and why you wouldn’t want it GLOBALLY.
Not just for me, but for every site on your system.
There’s loads of info regarding Google ranking penalties:
“I understand your point of view and can’t argue with you. Honestly, I wish that I could relay the message that at some point the server will be updated. But those details haven’t been made available to support.”
It looks like the mailchimp form being used on the Sign Up page is using some external scripts through “http” causing the page to not be secure and the form to not submit properly. If you have a developer who added in the scripts / external form, I would get them to take a look and make adjustments for https.
Our Redirector now supports HTTPS connections. If the A Record for your root domain points to our redirector ( 52.41.61.31 ) you should now be able to use links such as https://pinewines.com (without the www).