New Feature: SSL is here!


#1

After months in development and testing, I’m pleased to announce that we have officially introduced SSL secure domains to Unbounce. If you’re on a $99/mo plan or higher, you can now stick Òhttps://Ó at the beginning of any of your published page URLs and that page will be secure! Go on, try it… 

This has been our most requested feature for months…

So, some of you will already know why this is exciting news, but if you’re unfamiliar with SSL, here’s a bit of background.

SSL is the acronym for Secure Sockets Layer. It’s a standard security technology for establishing an encrypted link between a server and a client. SSL is important because website visitors are now more security-conscious than ever. Landing Page visitors want to know that if they share data with your company, that transaction is safe.

What differentiates an SSL secure domain?

There are a few visual cues that your landing page visitors will look for to ensure they are on a legitimate brand’s website (one that they trust and do business with). For one, a small, green lock icon in the web address bar shows them that you are who you say you are. The second indicator is the HTTPS URL. Making your page visitors comfortable and confident when interacting with you reduces the barriers to taking the next step and clicking on that CTA, helping your overall conversion rates. As an added bonus, SSL will allow us to support even more of the marketing tools and channels that you use every day to manage your marketing funnel.

I’m also happy to say that if you are on any of our Unbounce pro plans you’ll find that your existing domains are ready to start receiving traffic through HTTPS links right now and Ð when you add a new domain Ð it will automatically have an SSL certificate applied through our security partner GlobalSign. Before you switch your traffic over to HTTPS, be sure to go through our HTTPS checklist to make sure your pages/scripts are fully optimized for HTTPS. 

Update:  If you don’t see this enabled on your account right away, don’t sweat it - we’re rolling the feature out to all PRO accounts as we speak, so you’ll start to see changes in the app shortly. 


How to direct visitors to secure https SSL version automatically?
#2

Hi Justin,
I have just noticed it today roled out on all our domains automatically.
This is a disaster for us right now. We have many pages where iframes, tracking scripts, images, remote files etc are called on http-locations. Now those scripts fail to work.
Is there any way to disable or tick on/off https from our domains?
Please - this is really important!!
Best regards
Lars


#3

Hello!
we also have a serios problem with this - because our Facebook Conversion Pixel doesn _t work anymore!!

This costs a lot of money every minute now!

Where can we disable this?

best regards
Wilhelm


#4

Hello,

In our excitement for the release of SSL it looks like we were not clear that the HTTP links that you have been using will still continue to function as they always have. Using the HTTPS link is completely optional. If you are driving traffic to your pages with the HTTP links, nothing should have changed. 

If we had made a fundamental change to the way that published pages work, we would have built it so that you had the ability to turn it on or off when you were ready.

We are going to open support tickets for you both and reach out to make absolutely sure everything is working as it should.     


#5

Hi Lars,

I’m going to open a support ticket for you so we can get to the bottom of your issue. You should receive an email shortly. 

All the best,
Noah


#6

Hi Michael,

I’m going to open a support ticket for you as well. You should receive an email shortly.

Best,
Noah


#7

Works great! However, our favicons (hosted elsewhere at iconj) don’t allow for the https, which is required for the browser to show the lock symbol – so we are looking for a workaround there.


#8

Hi there, 

If http://www.iconj.com/ isn’t able to provide you with an https hosted favicon, your favicon will only work on the http version of your landing page. To get your favicons to work for the https version of your page, I’d recommend trying to find a favicon service that will provide https hosting or using your own https hosting for your favicon.

While https pages do require https content, you are free to continue using your http landing page to display all http content. 

All the best,
Noah


#9

Thanks for the awesome find! I’ve quickly thrown together a test page and can confirm that indeed it does work great! Here’s the test page if anyone is curious: https://www.superawesomelandingpage.com/ssl-favicon/

If you need a refresher, the following support article goes over how to set up a custom favicon for your Unbounce landing page: http://documentation.unbounce.com/hc/en-us/articles/203510214#content2.

Thanks again for the follow-up!


#10

No problem! SSLPic was not easy to find I assure you. No Google searched turned it up. Randomly found it on the Wufoo blog!

Thanks for adding SSL. This is great for moving forward!!


#11

I wonder if it is possible to only server the secure page? eg. have a setting to 301 redirect all non secure requests to the secure version of the page?
Thanks


#12

Did you ever find this? is it possible?


#13

Hi Will, sorry no. Nothing yet. In pipeline I believe


#14

Try this in the scripts. 


#15

Nice!  This seems to work, as visits to http://MyUnbounceDomain.com  now load the https version: https://MyUnbounceDomain.com  


#16

Is a script still the only solution?
I would apppreciate to be able to configure this in unbounce.


#17

Any update? I would prefer to only serve the https version, there is no need for the unsecure URL, but there is no way to ‘turn it off’…


#18

Hi,
I would highly recommend to continue with both options. Many might have this simple request like you say here: turn it off. But if you work with unbouncepages a bit more complex, then you would be combining http and https depending on own and other services available. Especially if you’re an agency working with integrating unbouncepages with customer sites.
Another suggestion is to make it individual per page to turn it off. On the other hand you could just add a script that redirects to https like the one suggested above. You can put this script per page or per client as you like…
Best regards
Lars


#19

Workaround: http://www.sslpic.com/ will host your favicons for free using SSL - Works great!


#20

We have been testing SSL for a while now on Unbounce - and it works great.

For some cases we do click-pages where the form-submission and confirmation is hosted on the customers CMS using SSL. In some of these cases we have not been able to add the Unbounce confirmation script to the confirmation page, but oddly enough we have been able to add an iframe containing an Unbounce-created confirmation page allowing us to have complete control.

The customers confirmation page is using SSL - and and iframe without SSL will give a warning for the visitor about unsecure content. With SSL in Unbounce this is history.