SP10 Pre-upgrade Tip For BBIS Sites!
Published
Hello, BBIS world!
I hope you caught Sam McGuin's recent post in our Announcements blog about some BBIS enhancements in SP10. For those that missed it, and also for those that just can't get enough community blogs, I wanted to share a couple of quick tips on how to prepare for one of the key components of SP10 for BBIS: the switchover to site-wide HTTPS enforcement.
BBIS has always supported site-wide HTTPS protocol, but it was often required only for pages processing secure content. (Donation forms, Payment parts, User Login, Event Registration, Membership, et al.) Recent industry trends are towards websites fully encrypted with HTTPS. This provides a more secure end-user experience and is something we want to promote as well.
The primary thing you'll want to be aware of in preparation for this change is a site or page design that includes elements referenced by HTTP URLs. Such pages will experience "Mixed Content" messages once you upgrade to SP10. In a nutshell, the term "mixed content" describes a page that is encrypted with HTTPS, but also includes HTTP elements. A common example might be a home page that includes an external HTTP image link hosted on another server, or a social page sharing widget referenced via HTTP. Mixed Content messaging is represented to the end-user differently across various web browsers, but commonly takes the form of a browser alert window or a warning icon in the address bar. A more in-depth explanation of Mixed Content (and how to address it) can be found here.
The good news is that it is often very easy to get rid of Mixed Content messaging simply by updating links in your site design to reference "HTTPS" instead of "HTTP". Since we already support site-wide HTTPS in all prior versions (without requiring it), It is also very easy to test your site before you even upgrade to SP10! To do this, simply go to your home page and make sure the browser address bar includes "HTTPS" instead of "HTTP." Then, you can navigate around the site and watch for any Mixed Content warnings from your browser. During navigation, keep an eye on your address bar to make sure that you stay within an "HTTPS" session. If you get hard-linked out to an HTTP page, just simply add the 's' in the address bar to get back into the session. If you encounter pages with Mixed Content messages, work with your team to update links to use HTTPS.
We've put together an FAQ page that goes into much greater depth and provides additional resources for your review.
Thanks for reading, and we'll see you again soon!
I hope you caught Sam McGuin's recent post in our Announcements blog about some BBIS enhancements in SP10. For those that missed it, and also for those that just can't get enough community blogs, I wanted to share a couple of quick tips on how to prepare for one of the key components of SP10 for BBIS: the switchover to site-wide HTTPS enforcement.
BBIS has always supported site-wide HTTPS protocol, but it was often required only for pages processing secure content. (Donation forms, Payment parts, User Login, Event Registration, Membership, et al.) Recent industry trends are towards websites fully encrypted with HTTPS. This provides a more secure end-user experience and is something we want to promote as well.
The primary thing you'll want to be aware of in preparation for this change is a site or page design that includes elements referenced by HTTP URLs. Such pages will experience "Mixed Content" messages once you upgrade to SP10. In a nutshell, the term "mixed content" describes a page that is encrypted with HTTPS, but also includes HTTP elements. A common example might be a home page that includes an external HTTP image link hosted on another server, or a social page sharing widget referenced via HTTP. Mixed Content messaging is represented to the end-user differently across various web browsers, but commonly takes the form of a browser alert window or a warning icon in the address bar. A more in-depth explanation of Mixed Content (and how to address it) can be found here.
The good news is that it is often very easy to get rid of Mixed Content messaging simply by updating links in your site design to reference "HTTPS" instead of "HTTP". Since we already support site-wide HTTPS in all prior versions (without requiring it), It is also very easy to test your site before you even upgrade to SP10! To do this, simply go to your home page and make sure the browser address bar includes "HTTPS" instead of "HTTP." Then, you can navigate around the site and watch for any Mixed Content warnings from your browser. During navigation, keep an eye on your address bar to make sure that you stay within an "HTTPS" session. If you get hard-linked out to an HTTP page, just simply add the 's' in the address bar to get back into the session. If you encounter pages with Mixed Content messages, work with your team to update links to use HTTPS.
We've put together an FAQ page that goes into much greater depth and provides additional resources for your review.
Thanks for reading, and we'll see you again soon!
News
Blackbaud CRM™ and Blackbaud Internet Solutions™ Blog
10/18/2016 4:53pm EDT
Leave a Comment