The web is moving toward a time where all websites use SSL on all pages by default:
A secure SSL certificate was previously only necessary for checkout pages and those handling sensitive data. At BFI we’ve tended to only recommend them for websites that don’t outsource card handling to pages hosted by SagePay, PayPal or similar.
Since 2014 Google has been gently guiding us towards a more secure web – a project they called “HTTPS Everywhere” – indicating that in the future HTTPS would be used as a ranking signal (albeit a tiny one) when determining where to rank website pages in the search results. So far, the impact of that has been very minor.
Fast forwarding to the end of 2016, Google have stepped up the encouragement, releasing an update to the Chrome web browser that will “mark HTTP pages that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.”
This is part of a plan to eventually mark all HTTP pages as “Not secure”, regardless of their nature:
What does this mean for me?
In the short-term, it means that from the end of January 2017, websites with log-in pages – members areas, customer accounts, back-end admin pages etc. – that don’t use HTTPS:// in the URL will show a “Not secure” message in the address bar on Chrome:
Although Google Chrome will be the first browser to do this (Chrome has 46% of the UK market share), Firefox follows closely (11% of UK market share). It’s only a matter of time before the remaining browsers (Safari, 21%) and Microsoft Edge (6%) do the same.
To prevent this “Not secure” message showing on your log-in pages, it’s best to upgrade your website to use SSL.
In the long-term, Chrome will be warning when ANY page is not secure, so at BFI we’ll be building all new sites with “HTTPS everywhere” by default.
What should I do now?
You can now order the upgrade for your site online. For most sites a basic certificate will cost £49/year + VAT and it’ll cost £180 + VAT to implement for a ‘normal’ GetTrolleyed, WordPress or WooCommerce site.
Upgrades will be applied on a first-come-first-served basis, so we would urge you to book your upgrade quickly (and pay online) to avoid delay:
Take a look at our feature page to find out more about our WooCommerce WordPress plug-in:
If you’re an existing customer we can install & configure the extension free of charge; if you maintain your own website code the plug-in is instantly available to download after payment.
We’re testing our pilot stores through April 2016 and are currently taking pre-orders.
Keep an eye on our V12 page for the latest details and how to pre-order:
V12 Retail Finance integration with WooCommerce
There’s a mandatory change being made by SagePay this year migrating all customers from protocol v2 to v3. If you run a BFI ecommerce website, it’s likely that your current payment integration will no longer function after July 31st 2015. To continue taking online payments into August, your website must be updated to use the new v3 protocol.
Unless you ask us not to, your website will be upgraded from SagePay v2 to SagePay v3 during May & June. This will be a billable upgrade.
The upgrade process is low-risk and will work as follows:
- We’ll contact you to arrange the upgrade. One of the BFI team members will let you know the price & the upgrade date.
- We’ll build a new additional v3 payment module and apply it to your live website, but we won’t enable it.
- We’ll configure and test the v3 module, without live customers being able to see it.
- Once tested, we’ll enable the v3 module and give you a call. You’ll be able to put through a live transaction using your card, and then refund it.
- Once this second test is complete, we’ll remove the old v2 module from your website.
- The upgrade is complete.
At the moment there is nothing you’ll need to do. We’re working through our clients in batches and will contact everyone affected in the next 4-6 weeks to arrange your upgrade.
It’s likely that SagePay will have emailed you already, and may call too. You can let them know that everything is in hand and refer them to this page. We’re planning for all websites to be upgraded by the end of May 2015.
Press release, courtesy of Moore & Smalley and Freshfield PR:
When Mark and Lucy Fuller became frustrated with the lack of a suitable system for managing bookings at their South Lakes Hotel, the entrepreneurial couple decided to create their own.
The booking system they designed, in partnership with a web development agency BF Internet, has been so successful at maximising sales and improving efficiency, they have decided to launch a new venture offering the software to other hotels and accommodation providers.
Direct Room Sales has been designed specifically to help smaller independent hotels offer online sales, manage room allocation, and take electronic payments, all within their existing website.
Mark, who owns The Sun Inn at Kirkby Lonsdale with wife Lucy, said: “For smaller hotels, such as those with fewer than 20 bedrooms, there was nothing out there in terms of software that enabled them to manage online reservations in the efficient way that larger hotels do.
“We wanted a system that allowed us not just to sell our rooms online, but to sequence those room sales in a logical order, offer packages and extras, and do things like automatically change room pricing structures for weekends or certain times of the year. A key feature for us was the link into our EPOS to automatically charge the guest room account.”
2013 sees an overhaul of our hosting packages, which we’ve recently updated onto our website. After listening to feedback from our customers the new range includes a wider choice of upgraded and premium shared hosting packages, offering increased server resource, uptime and support for businesses who rely on their website as a key source of income.
When putting together a hosting package, it is the physical rack space that makes up the bulk of the cost, rather than the hardware itself. By upgrading our hardware specifications to allow servers to be shared between 5-10 websites, we’re able to offer this new range of competitive commercial packages. Sharing the rack space means enterprise features are available at the fraction of the cost of a dedicated machine, whilst offering comparable performance & uptime levels.
To ensure the security of the websites we host, server access (including FTP) is generally only available to members of the BF Internet team. In special cases or where legacy access is in place, all customers with external FTP access are now required to connect using FTP over SSL.
This change in security is part of a new requirement for PCI-DSS compliance, so that login details are transmitted in an encrypted manner rather than as plain text.
You should begin using FTP over SSL right away. You will need to adjust the connection settings in your FTP client to use SSL, this setting might be phrased as “FTPS (Implicit)” or “Implicit FTP over TLS”. Once this setting has been changed, FTP will continue to function as normal.
Regular FTP will be disabled on Tuesday 30th October.
In response to customer demand we’re pleased to announce that we can now offer a professional photography service.
This addition to our creative services has been motivated by our continued desire to produce optimum results and maximum visual impact for all clients. Great photography adds an extra dimension to a website and compliments great design. We’re certain that clients old and new will benefit greatly from this new service.
Our photographer is based in the Manchester & Cumbria area, meaning he’s available to customers across the North West and beyond.
He’s available a half and full-day rates (please contact us for prices), plus travel costs. Making allowances for the time to post-process and select final images, a half-day booking for example, will constitute a two to three-hour site visit from the photographer.
Contact us today to make your booking!
We had a bit of a Rugby League superstar pop by who we are going to be working with, Josh Charnley of Wigan Warriors & England! Josh made the right wing position his own in 2011 scoring 27 tries to be the Club’s second highest try scorer for the season.
From the perspective of a search engine, a link is more than just a highway from one webpage to another. From the perspective of a search engine, a link is a vote of confidence in a particular brand…
Read the rest of this entry »