12

SSL Encryption and RA revenue (Read 351 times)

eric :)


    Hi all,

    After switching RA to use SSL exclusively in February, I noticed that occasionally, IE complains about not everything can be loaded because some content is insecurity.  Browsers don't like to mix secure and insecure content.  IE will ask if you want to display insecure content on every page load, which can be annoying.  I looked into it and determined that it was caused by some of the ads being served without encryption.

     

    Most of RA's revenue comes from ads, with a small amount from the ad-free subscriptions.  It pays for all of the operational expenses, which include web hosting, equipment costs (servers), service and legal fees.  What's left is my income.

     

    The ad revenue drops significantly at the beginning of ever year.  I attribute it to the post holiday season lull.  This year, the ad revenue dropped more than half and it remained at this depressed level ever since.  While tracking down the IE problem, I can upon a Google page explaining issues with ads on websites that encrypt all their pages.

     

    The way Google ads work is through an auction process, where each ad competes against each other for your attention based on price should you decide to click on it.  The ad that's willing to pay out the most is the winner, which is displayed.  As Google explains it, not all ads served by Google support SSL encryption  If a page is encrypted, then Google can only display ads that support encryption.  With fewer ads to compete in the auction process, the price is lower.  As a result, RA's ad revenue drops precipitously and you end up seeing the same boring ads.

     

    The ad revenue is at an unsustainable level.  I have to come up with a way to preserve your privacy while providing the revenue needed to operate the site. I started thinking about the purpose of encryption.  If a page is publicly accessible, does it really need to be encrypted?

     

    A good compromise is to disable encryption for pages that are reachable by search engines.  These pages include forums, public groups and public logs.  Non-public pages such as private logs, private messages and private groups will remain encrypted.  While this solution does not bring the ad revenue back to its normal levels, I believe it is a balance between everyone's interests.

     

    eric Smile

    Trent


    Lord of the Monkeys

      +1

       

      Thanks for the awesome transparency.

        Thanks, Eric. I hope this gets your ad revenue back up. Nice to meet you and Dragon in Boston, by the way.

        BeeRunB


          Only pages where someone gives personal info for payment needs to be encrypted. Our accounts are already protected by password, and you can keep your log private if you want. I'm not sure exactly what else needs to be so secure here. Even if your group is private, it's really not anyway--there are no closed systems in that regard. I wouldn't care if you stripped the site of SSL entirely, except for when making payments and donations. Hope your revenue comes back, Eric.


          Feeling the growl again

             I wouldn't care if you stripped the site of SSL entirely, except for when making payments and donations. Hope your revenue comes back, Eric.

             

            Yup.  As long as the site doesn't leak my payment info or email address everything else I'm not concerned about.

            "If you want to be a bad a$s, then do what a bad a$s does.  There's your pep talk for today.  Go Run." -- Slo_Hand

             

            I am spaniel - Crusher of Treadmills

             

            eric :)


              Only pages where someone gives personal info for payment needs to be encrypted. Our accounts are already protected by password, and you can keep your log private if you want. I'm not sure exactly what else needs to be so secure here. Even if your group is private, it's really not anyway--there are no closed systems in that regard. I wouldn't care if you stripped the site of SSL entirely, except for when making payments and donations. Hope your revenue comes back, Eric.

               

              I changed to site wide SSL because I received emails and messages from users asking for it.  Each user expects a different level of privacy.  I'm not going to comment on the effectiveness of encryption.  I just want to strike a balance between the needs of the users and the website.

               

              I'm in the process of deploying the changes.  There might be a few broken links.  If you find them please let me know and I'll have them fixed ASAP.

               

              eric Smile

                +1

                 

                Thanks for the awesome transparency.

                 

                Agreed.  You do what you think is necessary, and I'm staying no matter what.  :-)

                The Plan '15 →   ///    "Run Hard, Live Easy."   ∞


                Feeling the growl again

                   

                    There might be a few broken links.  If you find them please let me know and I'll have them fixed ASAP.

                   

                  eric Smile

                   

                  Well, right now I can't open any threads in any user groups, I get a "Fatal Error" message.  Running Safari.

                  "If you want to be a bad a$s, then do what a bad a$s does.  There's your pep talk for today.  Go Run." -- Slo_Hand

                   

                  I am spaniel - Crusher of Treadmills

                   

                  C-R


                     

                    Well, right now I can't open any threads in any user groups, I get a "Fatal Error" message.  Running Safari.

                     

                    Me too.


                    "He conquers who endures" - Persius
                    "Every workout should have a purpose. Every purpose should link back to achieving a training objective." - Spaniel

                    http://ncstake.blogspot.com/

                    Trent


                    Lord of the Monkeys

                      The most secure websites are the ones that don't open

                      eric :)


                        fixed

                        MarjorieAnn3137


                        Run to live; live to run

                          Not fixed in user groups. On forum I can respond to posts, like now. But cannot in my user groups. I get fatal error.

                           

                          I am on my ipad so safari.

                          Marjorie

                          Cyberic


                            I understand you trying to accomodate the majority of users, and you already said you won't argue about SSL here, but for what it's worth, I don't see a problem with you taking it away. Hope your revenues go back up.

                            MarjorieAnn3137


                            Run to live; live to run

                              Thanks Eric. Can do user groups again.

                               

                              Hope revenue returns.

                              Marjorie

                              eric :)


                                Hi MarjorieAnn3137,

                                You should be able to post from groups now.  Let me know if you are still having problems.

                                 

                                eric Smile

                                12