Let TLS Wait [Paid] [Deleted]

[Joeychgo]

and I have to wonder about the SEO implications and if Google may penalize you if you use this

 

[CarpCharacin]

CPanel and Plesk both provide free SSL/TLS certificates. If you have shell access, you can add a LetsEncrypt certificate for free. There are so many options for adding certificates. Stay away from this add-on.

 

[alexD]

This add-on is for those who are either late or unable to enable SSL on their boards.

Not all shared hosting providers update their Control Panels to support Let's Encrypt. Some people rather pay 15 Euros than many times that amount.

If you can/want/need support SSL on your site (e.g. from an alternative free CA), I don't see a reason why not.

 

[alexD]

I've deleted this resource from the Resources, I'm still selling it though to those who need it.

 

[CarpCharacin]

This resource has been removed and is no longer available for download.

Interesting.

 

[alexD]

Interesting.

It might seem a bit grey hat, so I've decided to not advertise it in the Resources.
Still selling it though to anyone interested.

 

[Joeychgo]

It might seem a bit grey hat

seems more black hat to me.

 

[alexD]

and I have to wonder about the SEO implications and if Google may penalize you if you use this

seems more black hat to me.

This add-on was not created with the intention to game the search engine rankings, thus your comment about it being more black hat than grey is inaccurate and insulting.

 

[Ozzy47]

This add-on was not created to game the search engine rankings, thus your comment about it being more black hat than grey is inaccurate and insulting.

Well considering what was said below...

will this trick the google bot too?

99% Yes. For the 1% possibility that it doesn't, there'll be another solution.

And knowing Google will penalize you for not having HTTPS, it could be considered a sort of black hat.

 

[alexD]

That doesn't mean that it was created with that intention.

 

[Ozzy47]

True, but you can see why it might be classified as such.

 

[alexD]

Thus the reason why I removed it from the Resources. It's grey, not black.

 

[Alpha1]

I missed this addon. Is this spoofing SSL connections? If so: will this not trip up various security & anti scripts including malware blacklisting?

 

[rainmotorsports]

I missed this addon. Is this spoofing SSL connections? If so: will this not trip up various security & anti scripts including malware blacklisting?

It changed the input fields so that chrome would not know they were for login details and there for would not show the appropriate warnings. Which once people get used to seeing such things will just be one more thing to look out for on phishing sites yay.

 

[alexD]

It removed the type=password. It also used the -webkit-text-security property.

 

[alexD]

It changed the input fields so that chrome would not know they were for login details and there for would not show the appropriate warnings. Which once people get used to seeing such things will just be one more thing to look out for on phishing sites yay.

Why wouldn't a phishing page use a simple type=password input with free SSL?

 

[rainmotorsports]

Why wouldn't a phishing page use a simple type=password input with free SSL?

I would venture to guess the same reason MANY attacks I have blocked were using http 1.0 which is easy to block since all legitimate traffic to my server is capable of utilizing http 1.1. What is a little bit of code or time so that your traffic isn't so easy to pick out?