HTTPS and FluidReview

Many FluidReview customers use custom domains for their sites, allowing them to point applicants and reviewers to branded URLs. For anyone still using HTTP/non-TLS/SSL encryption on their custom domain, we highly recommend using a TLS/SSL certificate to secure your FluidReview site and offer a trusted browser experience.

Google Chrome, Mozilla Firefox, and other browsers will soon flag HTTP sites as non-secure. This could impact visitors to your site with their browser displaying a non-secure warning, or explicitly asking users if they want to travel to your site and “trust” it.

What is HTTPS?

In short, HTTPS is a secure connection and ensures that any information that is shared with your website is encrypted. HTTP, on the other hand, does not encrypt the information and is less secure, therefore not recommended for passing sensitive information. More and more, HTTPS is becoming the standard protocol for browsing websites no matter what information is being shared.

Sites on FluidReview.com are, by default, using HTTPS. However, for anyone using a custom-domain or vanity URL, we require you to purchase a TLS/SSL certificate and provide us with some information so that we can apply it to our website. In order to get started, please reach out to support@fluidreview.com and let the support team know you are looking to purchase a TLS/SSL certificate. You can find more information here.

There are many certificate authorities that will issue a TLS/SSL. We recommend you speak to your hosting provider or internal IT team to identify which method is best. There are also several free providers, like Let’s Encrypt.

Additional Resources:
https://www.searchenginejournal.com/google-is-requiring-https-for-secure-data-in-chrome/183756/
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html