Blog Post

Release Notes
1 MIN READ

Full HTTPS Encryption for all Communities

SuzieH's avatar
SuzieH
Khoros Alumni (Retired)
7 years ago

Lithium is moving all customer communities to full HTTPS encryption. This change better protects your organization and your end-users, while paving the way for performance improvements and great, new features.

 

Lithium is deprecating support for the following community configurations with Community release 18.2 (March 2018):

  • HTTP-only community mode
  • "Mixed mode" HTTPS support

These configurations will remain available through 18.7 (August 2018). After 18.7, support for these configurations will be removed.

 

Lithium is reaching out to impacted customers over the next several weeks with instructions to initiate their migration to HTTPS. Customers will only need to take a few simple steps in order to complete this important change.

 

What does HTTPS do?

  • Authenticates the website to the end-user
  • Encrypts all data and communication passed between the end user and the community
  • Safeguards customer data, preventing attacks

Why switch to HTTPS now?

Major browser and search vendors are making changes to flag pages that are delivered over HTTP as 'not secure' after July 2018. HTTPS is also a factor in search engine ranking. It's presumed that search vendors will add weight to HTTPS in their ranking formula this year.

 

Simply put: moving to HTTPS is the right thing to do for you and your customers. Protecting your end-users online is an absolute priority for us at Lithium. Moving Community to HTTPS-only support is the next, right step toward keeping your end-users and their data safe.

Updated 7 months ago
Version 2.0

3 Comments

  • Hi SuzieH. Is there a scheduled date for implementation/activation of "Full HTTPS Encryption for all Communities" or is HTTPS active when Ver 18.2 is applied to the community?   Also are there additional steps required on the user side?

     

     

  • KrisS's avatar
    KrisS
    Khoros Alumni (Retired)
    7 years ago

    jlinster the idea is to be on full-site SSL prior to Chrome release 68 dropping in July. This can be done at any point, but will require some work to be done on both sides.

     

    In addition to enabling SSL or switching from partial to full-site SSL, we'll need to review your studio content and change any hard-coded HTTP links to HTTPS. Additionally, if you have any hard-coded links in the admin panel (custom content modules, announcements, etc.), you'll need to change those to use HTTPS or a relative path.

  • PeterS's avatar
    PeterS
    Khoros Staff
    7 years ago

    This is great to hear! Solid boost for Community SEO.