There’s been a little buzz, and frankly some people freaking out over Facebook’s plan to force all fan pages to be secured by October 1, 2011. As of this writing, that leaves us fan page owners about a month to prepare. According to Facebook:
As the web evolves, expectations around security change. For example, HTTPS — once a technology used primarily on banking and e-commerce sites — is now becoming the norm for any web app that stores user information. We feel that HTTPS is an essential option to protect the security of Facebook accounts, and since Apps on Facebook are an important part of the site, support for HTTPS in your app is critical to ensure user security.
Just a quick look at the comments shows that this sweeping – and unstoppable – change is not being taken well by a lot of developers and fan page owners. Myself, I feel that forcing developers to secure fan pages that are displaying basic content with a fan gate, video and images is a little over the top.
The effects of this is that every single fan page on Facebook – whether they use free tab apps, custom code, Fanpage Connect Free or Pro – all of them have to be secured. So the bottom line is, whatever your feelings on the upcoming change, it’s really beside the point. It’s going to happen. So what can you – or what must you – do about it?
As of right now, you have
Until Facebook flips the switch and requires all fan pages to be secure. Are you ready? Let’s see what securing your fan pages means, and more importantly, what it’ll cost you. It’s not as bad as you think!
What is SSL?
SSL stands for Secure Socket Layer. Basically, it’s the technology whereby a user’s browser and your server talk to each other using encrypted data. This makes it much harder (not impossible) for hackers and other nasty people to get personal data.
To secure your site, your server needs to have a secure certificate installed, either shared by your host (works for a lot of domains), or a single certificate for your site/domain only.
If you’re going to be using a single site certificate, then you’ll also need a dedicated IP address for your site.
Shared SSL vs. Standard/Dedicated SSL
Shared SSL can be provided by your web host and generally doesn’t take too much work to get going, and is typically no additional cost. Basically, your host will give you an additional domain/URL that lets you access your site securely, like yourWebSite.yourHostsSecureURL.com. While the URL is ugly, it’ll work, especially if you’re pages will be inside Facebook’s iFrames.
The downside to shared SSL is that WordPress doesn’t play well with it, and while your web host may provide shared SSL, it might not work on your blog. If it does work, then you’ll still need an extra WordPress plugin to make it work well – but we’ll get to that in a minute.
As an example, we use IX Web Hosting for some of my sites, and their shared SSL is working very well with our fan pages. Our shared SSL URL is: fanpageconnectdemo.c9.ixwebhosting.com (wow that’s ugly) and you can see that our Fan Gate example works pretty well. However, we’ve had some reports that other hosts’ shared SSL doesn’t work so well with WordPress.
Standard SSL will most likely be the solution for most fan page owners and developers. To secure your site, you’d need to A) buy a secure certificate, B) get a dedicated IP, and C) have your host install your secure certificate. All in all, the process is not overly hard.
Ok, So How Much is This Going to Cost?!
This is what’s been freaking people out, and really it’s not bad. Seriously! How much are you paying for hosting – 7, 8, 10 dollars per month? Typically, a dedicated IP address will cost you an extra $4 per month. That’s less than one grande latte per month. One of our hosting accounts, IX, costs about 8 bucks a month, and we get 15 dedicated IPs. That’s a great deal.
Ok, so let’s talk SSL certificates. Right now, GoDaddy has a sale on secure certificates: $12.99 for a 1 year certificate. So that’s what, three lattes? For a whole year?
Usually, SSL certs aren’t that cheap and they normally run about $89 per year per domain. Ok, so now we’re up to about $7.50 per month. And if any cost is too much, then StartSSL.com has SSL certs free for one year!
So while your costs might go up somewhat to market your product or company, it definitely won’t be breaking the bank. In fact, it’s really more of a nuisance to do the the work of securing your fan pages.
How Will This Affect My Fan Pages, or Pages I Create for Clients?
If you’re a social marketing developer that has clients, then there are some considerations when using Fanpage Connect, either the free version of the premium version of the plugin.
If you’re creating fan pages for your clients on their own domains, then your options are pretty clear – your client will need to purchase a secure certificate and get their site secured. Of course, you can help them secure their site gratis, have them purchase the secure cert through your affiliate link, or handle the whole thing and pass the charges on to them.
Now, if you’re hosting the pages, you may consider securing one domain and host all the pages there. In that case, you could just run the pages on the site and manage them yourself, or set up WordPress Network (the subdirectory install would only require one certificate) and let your clients manage their own pages.
The bottom line is that it shouldn’t impact your fan page business at all. When you consider the cost of setting up fan pages (we’ve seen upwards of $700 for a single page) compared to the cost of a dedicated IP and SSL certificate, one client would more than take care of the additional costs! Read the rest of this entry »
