FAQs:
Publishers’ Move from
HTTP to HTTPS Secure Websites

Atypon is implementing the HTTP/2.0 website protocol for all of our customer websites, which includes secure HTTPS encryption.


When:

Started September 2017, completed in 2018.



Why:

  • To address privacy concerns and improve security across the web.
  • HTTP/2.0 provides much faster data transmission, particularly as latency increases, making it a prerequisite for new Literatum features that require a large data transfer, such as Atypon’s new eReader for books and journals. The following demos can give you a sense of the performance benefit:
  • Google is leading this change across the entire Internet with a carrot-and-stick approach that will directly impact publishers’ discoverability and traffic:
    • Google’s SEO algorithm ranks HTTPS content higher than HTTP in search results.
    • Google will display a prominent “Not Secure” warning to visitors using Chrome when they are about to visit a non-HTTPS site, and Firefox browsers will do the same.
    • Google has begun to deprecate Chrome features on non-secure sites.

Benefits: The 3 S’s

  1. Security. The enhanced encryption reduces publishers’ vulnerability to attacks and prevents the intercepting of researcher information that is shared on websites.
  2. Speed. Faster websites, including quicker image loading. View the comparison at: www.HTTPSvsHTTP.com.
  3. SEO. Improved discoverability. Google rewards HTTPS sites with higher SEO rankings that result in increased site traffic.

Do libraries need to do anything?

  • Only if they use a URL rewriting proxy server such as III WAM or OCLC EZProxy. If so, they will need to make changes to their proxy server configurations to use HTTPS rather than HTTP. For more information on those changes, the OCLC support site includes stanzas (snippets of EZProxy configuration) for most publishers at: https://www.oclc.org/support/services/ezproxy/documentation/db.en.html.
  • Literatum does not officially support using URL rewriting proxy servers for authentication due to issues that they can cause. For example, federated access control schemes – especially SSO – are highly susceptible to failure from URL rewriting. However, most libraries employ URL rewriting proxy servers to extend IP authenticated access to remote users, which is less susceptible to such issues. And while not officially supported, Literatum is proven to work well with proxies for this purpose.


Do libraries that use proxies need proxied URLs that are also HTTPS?

  • No. The decision of a library to host their proxy on HTTP or HTTPS is independent of whether the publisher site is hosted on HTTP or HTTPS. If a library does decide to use HTTPS, they will need a certificate for the domain on which their proxy server is hosted. Their proxy server documentation should be consulted for this.

How are HTTPS publisher sites enabled?

Atypon has made significant infrastructure changes to deploy the enhanced encryption required of HTTPS sites:

  • Data center upgrades: new load balancers, new servers with substantially more bandwidth, and greater computer processing power are required to encrypt every byte of data on every publisher’s website.
  • New staff were hired for the additional work required to configure, install, test, migrate, and maintain secure HTTPS sites. For example, a new suite of tests is required for API connections, third-party links, and other Literatum integration points as a result of secure connections.