Options
Custom domain now or wait?
Terran
Registered Users Posts: 22 Big grins
Hi All,
New to the forum here. I just signed up for a portfolio plan, and am very happy with the new site.
I bought a new domain for my site, but realized after I published it that it no longer had the https, but had reverted to http.
A lot of http sites are now triggering warnings that the site is not secure, especially in Chrome, so I I quickly switched back to the default domain. But I'm worried about whether or not this will affect branding.
What would you folks recommend? Staying with the secure default domain until Smugmug supports https for custom domains, or using my custom domain now, and risking possibly losing customers?
Thanks in advance :)
New to the forum here. I just signed up for a portfolio plan, and am very happy with the new site.
I bought a new domain for my site, but realized after I published it that it no longer had the https, but had reverted to http.
A lot of http sites are now triggering warnings that the site is not secure, especially in Chrome, so I I quickly switched back to the default domain. But I'm worried about whether or not this will affect branding.
What would you folks recommend? Staying with the secure default domain until Smugmug supports https for custom domains, or using my custom domain now, and risking possibly losing customers?
Thanks in advance :)
0
Comments
If you're using your site for business, do you really want to change the URL once you have it established?
If your business plan calls for a custom domain then it makes sense to use that custom domain from the beginning.
I haven't seen warnings on my site or on other smugmug sites that use custom domains (and continue to use http://). Have you seen warnings yourself?
Musings & ramblings at https://denisegoldberg.blogspot.com
Just to add, if you're waiting until SmugMug supports https for custom domains, you may be waiting for a LONG time.
Images in the Backcountry
My SmugMug Customizations | Adding CSS to Your Site | SEO for the Photographer | Locate Your Page/Widget Number | SmugMug Help Desk
Glad to hear you haven't had issues with http yet, but yes, I've gotten several warnings now in chrome over both smugmug and other safe sites that use http. Smugmug reassured me they are working on it as a priority, but I do realize it might be quite some time yet.
Thanks for the replies. Tough decision. :)
There's really no good reason to wait. If you want https image links you can still use it against smugmug exactly as today. If you are putting links to galleries and pages you can use http links and not have to change them later (generally URL's as opposed to SRC/HREF links are valid as HTTP even on a HTTPS page). Or, you can get your domain and have it and be experimenting and keep using the smugmug name -- there's nothing about having one that prevent you from using smugmug instead.
And the amount of money saved by a year's domain registration is lost completely in the noise, unless you count your time for nothing.
Yes, exactly. Setting up a custom domain allows it to work ALSO, it does not turn off any of the features (at least any I can think of) that were there before.
Example: My web site via custom domain: captivephotons.com/ and via Smugmug: https://linwoodferguson.smugmug.com/
Notice the https on the latter, though it will get there without the "s", it just switches.
Photo link with custom domain:
Photo link with Smugmug:
(To see the above you might need to look at page source or drop back into debug, but one has http with my custom domain, one has https with photos.smugmug.com.
So basically you can set up a custom domain and use it only as much, or as little, as you like. There's no downside (but the fee), and assuming your plan with the domain name doesn't change (i.e. you change domains), you can be making progress using it.
If I request a link to the shopping cart on an image with my default domain, I get a secure link. If I get the same link on my custom domain, it is only an http link, not an https.
Is this working as intended? It was suggested that this kind of duplication is frowned upon by Google. Can anyone clarify? Thanks :)
Update: Google must be trying to figure it out. Just uploaded a photo to the default domain in the hopes of getting a secure link, and after uploading, then hitting "organize" the domain switched to the custom one, and the store link is now http: instead of https: Sigh, it's late. Tomorrow is another day. ;)
Support for custom domains does not currently use https. It doesn't matter if you upload to your smug domain or to your custom domain, if the custom domain is used then http will be used.
It's your decision whether to use a custom domain with http or to use your smugmug URL with https.
Switching domain names from smugmug URL to custom domain at some point in the future may be confusing to your viewers.
Musings & ramblings at https://denisegoldberg.blogspot.com
One thing you can do to keep everything working smooth is use only relative links on your site. This means that however your site is entered, the nickname or custom domain, it will stick for all you pages and won't switch between them. For external links to your site from other sites/email etc., you will have to pick how they enter.
example of relative link:
https://nickname.smugmug.com/whateverFolderOrGallery/Gallery
http://customDomain.com/whateverFolderOrGallery/Gallery
The relative link is everything after the ".com".
/whateverFolderOrGallery/Gallery
My Website index | My Blog
That last sentence is really the one to focus on, though it is a one-sided view. The other side is that delaying may be more confusing, and this depends on you. My original postings were based on the idea that ONE DAY you will switch to a custom domain. So the idea is that the more you can get switched over, earlier, the less it impacts.
"More" and "less" here have two domains though. One is just telling humans, and when that is easiest or hardest is one aspect.
But "I put links in social media and other web sites" is what I view as most significant, as those links start contributing to your reputation (in a SEO sense as well as human sense). The longer you wait to switch, the more links you are adding out there that say "smugmug" instead of your name. The sooner you start putting them in the sooner your domain starts show up in more google searches.
Smugmug's failure to find a path to full https support is a major confusing factor in that, but if you dig under the covers it should not be a reason to delay.
Do be sure to follow Allen's advice on relative links in your Smugmug pages (NOT in external links on other forums of course).
Thank you so much for the replies.
Currently, the majority of external links to the shopping cart or image page are with the default domain.
@Allen , do you mean I can use a secure relative link with my custom domain? It may be an option if I decide to keep the custom domain. Otherwise, I think it would be best if I switched back. I notice Trey Ratcliff and other top photographers are using the default.
Sorry @Ferguson, I had misunderstood an earlier post. I thought I could use both domains, but if I enter the default address now, it quickly switches to the custom domain.
I really appreciate everyone taking the time to help.
No. You can't use https with a custom domain. It doesn't matter if you are using a relative link or the full URL.
Musings & ramblings at https://denisegoldberg.blogspot.com
No, it does not, at least not if you do it correctly. Feel free to browse my two domains and see if it switches (other than the shopping cart), and if so tell me how to reproduce it so I can fix it.
http://www.captivephotons.com
https://linwoodferguson.smugmug.com
You must use relative links for this to work properly, but that's just fundamental web mechanics and not a Smugmug issue.
Just for clarity there is no such thing as a "secure" relative link. Nor an "not secure relative link". The point of a relative link is that it has no specification of protocol (which is where the secure comes from) or server at all, it is purely about "from this place take two steps sideways and one forward". Relative.
So with a relative link, it inherits the type of access you are in when you click on it. If it's secure (and to the nickname domain) it remains secure. If it is not secure, it stays http.
The issue with secure (i.e. SSL encrypted) is that Smugmug in combination with their CDN (caching company basically) cannot do HTTP on custom domains, at least not as many as are needed. So they just haven't. They want to, but they do not want to badly enough (for example, they could do it TODAY by turning off their CDN on customer domains and having beefier and more robust server infrastructure, but that's expensive and they do not. I can't really fault that decision (though it is important to keep aware it is a business decision as much as a technical one)).
Hi @Ferguson , I just checked out the links. If I click on your default domain, it takes me to the default site, however as soon as I click on a photo in your site, the link in the address bar changes to your custom domain.
I don't know if this comment is helpful or not but there's a lot of misconceptions about "secure" web sites, so a brief aside....
The primary reason for wanting a secure (HTTPS) site is to know that you are _on _the site you asked for. It is not really about "someone could spy on this connection" (though it addresses that), nor that there is something about that site that makes it inherently more secure (at all). It is primarily about identity.
If you go to http://abc.com, the ONLY assurance you are at the ABC company is that somewhere, buried inside your computer, its ISP, and lots of other places the name ABC.COM translated to 123.1.2.3 or some other IP address. All sorts of mechanisms can hijack you and send you to http:://badguys.r.us instead, and you have no way to tell. None. So you then might enter information that you would not if you knew you were on a hacker site.
On the other hand, if you go to https://abc.com, there is a separate and somewhat well guarded process to promise that you really are at a site owned by the company that controls the ABC.COM domain (at least) or in some cases a real, legitimate company ABC (for much more expensive certificates).
That said, there is absolutely nothing that this assurance does to promise that the real site abc.com hasn't been hacked, and is not itself collecting your information and passing it on to the bad guys. Nothing. It is not "secure" in that sense at all.
It just says that the site's name is actually, really, abc.com.
I am not trying to talk people out of using SSL (HTTPS) by any means, frankly the whole web needs to do it and sooner is better than later.
But when people think "My site is not secure" they almost always are thinking about it incorrectly. All they are really saying is "someone going to my site cannot prove it is me, instead of a hacker". Your site may be extremely insecure (actually not if it's on Smugmug) and still be "secure" in terms of https. http/ssl is a good thing, don't get me wrong, but the rason most people want it is more about "me too" than because it really matters, today, from a practical sense.
THe MUCH bigger issue, for Smugmug, will be when google (et al) stop passing out links for non-SSL sites. If they ever do.
......We now return you to the regularly scheduled discussion already in progress.....
Thanks @denisegoldberg . I am really undecided now. Stick with the new custom domain, which just went live yesterday, or for the sake of security, revert back. Currently all links to the image pages are with the default, but if I continue with the custom, they will now be http. It may be quite some time yet until they are able to add the https.
I do see that once you get to the "see cart" while shopping, it does revert to a secure https:
Oh my goodness, it sure does,.
I am using Smugmug's menu bar. It is broken. It's a bug. Shame on Smugmug.
It can be fixed though. I just changed the menu pick Sports / FGCU / General as an example if you want to try it. Not sure if I've got the energy to go manually change them all, but I should.
But you could set them that way to begin with. I still maintain it should be possible. But programmers are sloppy and let absolute links "leak" in if you are not careful, like they did in that menu bar.
I'm sorry for the confusion. I never noticed that (as I use the custom domain 99.99% of the time). My own links (e.g. the 3 under that from the home page which are the most recent galleries) are relative, for example, because I manually enter them.
Thanks for the explanation on security in your previous post. It does clarify things. I am hoping the switch happens soon. It will put this messiness to rest. The web itself is starting to demand https, (higher rankings, the security warnings in web browsers, etc) so I expect they are working extra hard to make this happen now.