Site traffic affected by having SSL automatically turned on

According to my host (who I initially blamed for this), SSL was automatically turned on by cPanel updates. This is a HORRIBLE practice and it should default to off not on. For months I was unaware that SSL had been turned on automatically by cPanel, therefore I couldn't respond in time to the SEO damage it has already caused my site. Not everyone wants/needs SSL, or has sensitive data on their site to protect.

This has done irreversible damage to my site's traffic (and lost ad revenue) now that -- since their algorithm is thinking we are an HTTPS compatible site -- Google has started indexing the wrong page version (https instead of http). So now my site is fragmented into 2 parts -- http and https, getting "trying to load dangerous scripts" errors, etc etc. This has even caused important scripts to stop working on my post popular page. And of course this just HAD to happen during the absolute busiest time of the year for my site, when I was about to take my site to the next level as far as amount of traffic (I was getting 40,000/day, now it's down to 20k and sinking). Again, thanks cpanel!!

Thank you cPanel for the the huge headache I didn't need, when I'm already backed up spending many hours redesigning my site and features, and the financial damage this dumb setting has created. How 'bout next time you let us choose our settings instead of assuming everyone needs https enabled.

 

Thanks for the not much help, assumptions, and wannabe lecture.

Well seeing as how this was the entire basis of my "whining", don't you think you'd reference this a little more? Either it's auto-enabled, or my host is lying. I didn't enable it or any software, and when I blamed my host, they said it was cPanel.

SSL was never a mandate. cPanel just gave me a fat unneeded headache, not "make my life easier". Not considering the user and not considering potential SEO risks is THEIR negligence. Since my site doesn't have sensitive data, I was willing to live without SSL for the time being, or implement it at MY OWN choosing and timing that makes sense, not cPanel's. Lol that's hilarious you're trying to blame my "negligence" when somehow my site was doing JUST FINE traffic wise and monetarily without 3rd party INTERFERENCE. If cPanel wasn't enabled, I wouldn't have this problem. Period. Who is cPanel to assume that everyone wants/needs SSL enabled? It needs to be changed or they'll see more complaints from other website owners.

 

I don't know all the details of this, I haven't researched enough about servers, I do more of the front end stuff. All I know is HTTPS pages started popping up in Google these last few weeks and started competing with my HTTP pages, hurting SEO. This has never happened and I've had this website for years. So... what changed? Google wouldn't have indexxed the HTTPS pages if they didn't get some type of go ahead that HTTPS was functional.

Also I would love to do a HTTPS > HTTP redirect but I've researched this and it's not a good idea because users would still get that warning.

What I need to know is under "Manage Installed SSL Websites", is this auto-installed to connect to the websites and does cPanel control this and enable it as the default or does the host configure that?

 

Ok well I just upgraded to a new server so that makes sense. But I think it's terrible practice by both cpanel to auto-enable it and also by hosts to keep it configured as enabled. Give the clients the control, because not enough technical decisions are factoring in potential SEO issues. SSL is something that should be chosen/requested by the client as an add-on, not a auto-enabled default. This completely messed up my traffic + messed with a future move to SSL and a new domain.

 

Wrong. a) I don't even have a site map b) never did #1 or #2 and yet HTTPS showed up in google, because google probably prefers HTTPS.

Your opinion it's unjustified. SSL should be OPTIONAL, not force-fed.

 

The damage is already done, so great I was the guinea pig. I seriously should get compensation for this. I've lost ad revenue from this. I guarantee I won't be last one who gets screwed over by this setting. And it's impractical for users to have be caught up cpanel's blog to prevent something that should've been common sense.

What client wants something out of their control or force-fed? SSL is not one of those must-have default features. SSL has always been considered (or should've been considered) an add-on and at the discretion of the user.

 

Apparently you didn't even read my complaint...

Of course SSL is great. I was planning on installing it when I moved to a new domain. That's not the issue.

The issue is it's AUTO-installed by cpanel by default. Because of potential SEO conflicts between http vs https, this is something that the USER should configure, aka MANUALLY install. It shouldn't be some default if you upgraded to a new server. I guess you guys like having video ads auto-play too when you visit a website? Or the default is you have to constantly "opt-out" to prevent things? Or maybe you like having things force-fed? Maybe it's just me...

It seems that cpanel wants to blame my host, and my host wants to blame cpanel. Either my host installed it when they configured the new server (something I never asked for), or cpanel auto-installed it. Which is it?? Due to history, my understanding when I upgraded my server is that SSL was MANUALLY installed. I've upgraded many times from the same host, but this was the ONLY time SSL was auto-installed - which I'm guessing is due to cpanel's NEW defaults. Basically if I upgrade to a new server (not new domain) on any host, I shouldn't have to worry about something being installed if I didn't ask for it. SSL has always been an ADD-ON. Having this control is especially important due to how QUICK "https" can show up in Google. And once it's there, you're screwed because then you have your http pages competing with your https.

 

I'm either not understanding you correctly or you keep contradicting yourself. You say it's "optional" and it's "up to the user" or "up to my host", yet you point to another old thread that has plenty of people who've had a problem with the "lack of options" and "auto-install" cpanel setting. I think it's completely irresponsible and over-reach by cPanel to auto-install these SSL's and let the consumer figure out the rest and clean up the SEO damage that was brought about by a 3rd party. SEO is super important to traffic and site growth, and this undeniably damaging setting (which apparently will CONTINUE) has messed with people's websites.

 

Wrong.

1) Idk why you keep capitalizing "FREE" like it matters, or like anyone's acting entitled, or like a $60 SSL certificate is a fortune, or that it's even the issue at hand. You're just coming across as a cPanel apologist.

2) The INITIAL (which is significant - people don't even have time to react to the configuration for how fast Google indexing happens) use and CONTROL of the certificate obviously was NOT up to me if it's being AUTO-installed by cpanel by default as soon as the server is set up. It's ridiculous to put the onus on every person who owns a website (many of which who don't even handle the technical side of things) that they should've just "opted-out" or that that is a good policy to have. I didn't even REALIZE SSL was being installed. I got 10,000 other things to worry about on the front end of things. Why would I and why would anyone for something that SHOULD be 100% OPT-IN. That's the entire point. It should've NEVER been enabled to begin with.

3) I would've LOVED To be at the pre-AutoSSL state 'cause you know what that means? It means Google would've rejected those pages in their indexing and I wouldn't have this problem.

Let's be clear. You're not helping, you have no interest in helping (just your wannabe know-it-all lectures), and you're the typical "IT" type of person that most normal people despise. All you are is a cPanel apologist, or "it's always user error". You're flat out wrong. I am a one man machine for my website. I do it all and wear many hats. So you know nothing. I've built my website from scratch to 40,000/day users that cPanel has threatened. You know why? 'Cause I'm not like YOU who only sees one angle. I look at a website through multiple angles, not just the technical angle. I handle the business, marketing, UI, UX, coding, programming, SEO, visual design, content, and plenty more. So keep trying to insinuate with your condescending little - Removed - attitude to say it's just "laziness", "incompetence", "user error", etc. That's what all you IT types always do 'cause you're narrow minded. It can never just be BAD POLICY. You're wrong. This is a horrible policy to have something be AUTO-installed on default on any server. And if you looked at past threads that have been linked to in this thread, you'll see countless others who agree with me on this. Clients shouldn't be force-fed anything, BY DEFAULT, where they need to "opt-out", period. Especially for something so potentially damaging towards something so significant as SEO. You can't escape that this is just bad policy that causes more harm than good. SSL should always be opt-in.

Good luck with your future having the narrow-minded "typical IT guy" annoying attitude.