Start filling out a form on for sale landers and you’ll see a “not secure” message.
Yesterday I wrote about how landing page companies are adding SSL support for domains on their platforms in order to meet Google’s deadline next month. Starting next month, domain names with any sort of user submission form that don’t have an SSL certificate will be marked as “not secure” in Google Chrome when people enter text in the form.
This is also going to be an issue for domain name for sale pages that have a contact form. A “not secure” message in the browser will surely lead to some drop in conversions. The message will only appear when someone starts typing in the form, but that will probably catch their eye. It would be much better to have the green secure padlock.
You might say “Hey, if they really want the domain, they’ll find a way to contact me”. But domain sales companies have worked tirelessly to improve the conversion rate of their sales forms, so dismissing this issue out of hand doesn’t make sense.
Most of my domains are parked with Afternic and Uniregistry, and both of these should be OK.
Afternic parked pages don’t have a form on the landing page. Instead, like many parking companies, they include a banner with a link to a form on a secure site.
Uniregistry is the same for standard parked pages. If you choose the sales form option, the domain forwards to a page on Uniregistry.com that has SSL. For example, go to Sweller.com and you’ll be forwarded to Uniregistry.com.
I also have a few domains at BrandBucket. These have a contact form and will be marked as “not secure” starting next month if someone starts typing inside the form. Ditto for domains at Efty.
SSL certificates can be obtained for free, so there’s a solution for these companies that will not require shelling out lots of money on SSL certs. However, it’s going to require some technical work to make this happen. I recommend domain sales companies get working on this. Fast.
i just wait for people to contact me through whois..is that bad? i don’t want to give commissions to other companies. i should really set up my own landers i guess.
I agree 15-20%+ commissions are absurd are 5 figure domains. They don’t even have to get out of their pj’s, blockchain to the rescue
I’ve done this long time ago. And I still keep encouraging other domainers to do the same, but many are simply lazy investors.
For example, if you go to Whiny.com it will be my standard lander for sale domain. Sorry for self advertising (please delete this part if not ok)
Thank you,
[email protected]
My opinion, is this is one more way the internet will soon be a big JOKE,I do not use Chrome, hopefully know one else does. . But, where does a person get the SSL certificates for free?
I believe Firefox is going to do the same thing.
Free SSL is available from letsencrypt.org.
Also, InterNetX gives a free SSL with each domain.
Is a free SSL cert from letsencrypt.org considered as good as any other? What’s the catch?
No catch. It simply works as any other DV-certificate. (DV stands for Domain Validation).
The catch was for CAs to charge anything more than zero for DV certificates that have no real value; OV (Organization Validation) and EV (Extended Validation) certificates are SSL certificates like originally issued.
Here’s why they’re free and details:
https://letsencrypt.org/docs/faq/
One drawback is they’re only good for 90 days at a time. Also, at least at first, not all services recognized them.
The 90 days is no big deal because you setup a weekly cron to auto renew.
Yeah, for the technically inclined, might make sense. For a large landing page service it certainly does. For the typical small biz owner a longer term cert make be easier.
Some webhosts offer let’s encrypt and auto generate the certificate for you
Wow you sure have a lot of 3 letter .com’s Perfectname.
Thanks for informing us on this Andrew. Having that green padlock is a necessity, not a nice to have anymore.
“But domain sales companies have worked tirelessly to improve the conversion rate of their sales forms, so dismissing this issue out of hand doesn’t make sense.”
People need more custom options, not “optimized” forms according to what the lander provider thinks. A lot of communication occurs via mobile, where such warnings don’t ever appear.
Note that Let’s Encrypts has some rate limiting in certificate generation, so in order to meet the deadline for thousands of domains, one needs to start right now.
All that is required is for you to enable DNSSEC on your domains, and use DANE.
Then you can generate your own FREE SSL certs that are tied to your domain and verified up the DNS chain.*
Of course, this won’t help right now because the major browser authors (Google and Firefox) refuse to bake DANE into their browsers, citing “cert pinning is the way to go” even though that’s since been proven to be wrong as it has security holes.
I wonder if the fact that they are financial tied into the “free” Let’s Encrypt service is the real reason they won’t allow domain owners to control their own security?
* Also improves email anti-spam systems via DKIM.
Would love to see more discussion on that. But people are afraid to mention Google, the biggest enemy and partial destroyer of domains names of all, are they not?
Stupid lazy webmasters using “free” Google Analytics was the main source of Google’s early power, allowing them to know everything about Internet users. Then “free” Google Webmaster came along and all the webmasters lowered their trousers and allowed Google to dictate to them what their web pages had to look like.
And now, we are no longer free.
Well said, Drewbert. And you have hosting companies all but forcing the Google Analytics on you too.
There is a legitimate performance concern from browser vendors, not only Google, about DANE for web browsing. There is technology being developed to address those concerns, which works similar to OCSP Stapling, and we still might see pure-DNSSEC validated PKIs in the near future.
Note that Google as an e-mail provider fully supports DANE for e-mail encryption.
Google Webmaster states an SSL certificate boosts your ranking in searches period. It’s another step allowing Google to force SSL across the Internet regardless of a site function
Sweller.com does not resolve, most likely because the host blocks visitors using VPNs. This is standard practice at Afternic and Uni.
Lots of people should just move to build their own marketplace. Then just use one cert and fwd domains to landing pages.
First Google forced me to add SPF and DKIM to my sent emails when they started bouncing all my emails, calling them spam. Now they forced me to add SSL.
Just redirect to a secure landing page (ie, what Uniregistry does)
Problem solved