SSL at the Skankworks

We’ve introduced SSL encryption for your privacy and peace-of-mind. From now on the site should only serve content from and any attempt to connect to an unencrypted page should be redirected to the secure site. The extra processing overhead will have an impact on the page loading times, and we intend to off-load that to a reverse-proxy. However, the site should remain fast to load, and well-presented. If you experience problems you can always let us know via our twitter account.

The website is self-hosted (on a server in the basement, no less) using WordPress as a deployment platform, Ubuntu and Apache. We also host a couple of other, non-secure, basic websites which are served by the same Apache instance that is serving this site. It can be tricky to set-up wordpress to be 100% SSL secure, particularly if you are hosting multiple sites. We note with some merriment that almost all of the web-pages offering guides, advice, and how-to’s for converting wordpress to ssl either don’t run ssl themselves, or have a broken, semi-secure installation. Accordingly, the will not be putting up an administrator’s guide in the near term. We wish to monitor the site for a while to ensure we’ve removed all non-secure content.

One immediate effect of the upgrade was a very inquisitive visit by the googlebot less than a minute after we tweeted the https URL for the first time. The bot was visibly excited by the security and stayed until it had read every page, examined every image. Our SEO test-phrase “Russian Tanks Spotted” was boosted from position 21/1,800,000 to the number 5 spot over-night, putting us on the front page. We’ve seen some instances of our site at number 1 for the phrase, but we cannot discount side-affects of the filter-bubble from skewing the results. The associated image from the page also got a top row listing on image search. Our experience, then, is that google are indeed favouring SSL-secured web-sites.

For those new to SSL, it is a means by which you can browse websites over a scrambled line. So, for example, if you go to the content of whatever you searched for will not be visible to anybody eavesdropping on your internet cables. It does not, of course, prevent google inc from knowing what you searched for and then selling that information to advertisers or the NSA, if they so choose or are ordered. So even if you are going to a secure site you still need to think about what kind of information you might be sharing, and what they might be wanting it for.

At the we ask for no information about you. We also support Tor and do not block anonymous IP (compromised hosts excepted). If you are a webmaster struggling to secure wordpress, a few essential system adminstration tips are in order: Don’t work against the machine, work with it. Favour the higher quality tools (i.e. do your configurations in Apache rather than wordpress whenever you can).

If you are webmaster and there’s someting you’d like us to cover in our upcoming SSL guide, please use the form below to leave a comment.

Here’s a report from Qualys SSL Labs – we get an A-. Room for improvement. This will be fixed when the reverse-proxy goes in.

Update 23/Aug/2014.
Qualys SSL Labs now give us the coveted ‘A grade’.

This entry was posted in General IT. Bookmark the permalink.