PDA

View Full Version : Facebook Pages changing. HTML Apps obsolete by June 2012.



Harold Mansfield
03-06-2012, 08:52 PM
For those of you that haven't heard, or are just tired of keeping up with Facebook's constant changes, the next go 'round really screws the little "non-web" guy badly.

By June 2012, all of the apps that many people use to make HTML pages for their business page will be no more. Actually I can't even find the app store anymore so it looks like all of the apps, with the exception of a few will be gone.

All pages will be using the timeline format, like the personal pages. Mine is already switched.

But here's the crushing part.

To build custom tabs on your page, you will have to create a Tab App in Facebook Developers.
https://developers.facebook.com/docs/appsonfacebook/pagetabs/

However, all content has to be hosted on an SSL domain. If you don't have an SSL domain, you can't even make a tab app. Stopped right there in your tracks.
Proxy's? Nope. They don't work. Free SSL services that will give you a link to use? Nope.

So that pretty much takes the average DIY'ers completely out of the picture for customizing their pages. Finite.

So you pretty much have 3 options:


Purchase an SLL Certificate for your existing site, and configure your site so that it is secure (which is a pain in the ass).
Purchase a new domain and an SSL Certificate with which to host your Facebook content. (Easier, but more money if your current plan doesn't support SSL and you have to upgrade)
Use a 3rd party service provider to build and host your Facebook content for you, which of course will be a monthly charge.


The worse part of it is trying to explain the changes to people and getting them to understand how much more work it is, and why your prices for Facebook pages just tripled.

Facebook is really pushing one company in particular as a 3rd party provider, Wildfire. It has to be a partnership.

Will this make you say "screw it" and give up on customizing your page?
Will you do it yourself?
Will you hire someone to do it?

What do you guys think?

vangogh
03-07-2012, 02:18 AM
For me none of this is an issue since I tend to stay away from Facebook. I keep thinking I'll finally set up a page for my business, but I really don't like the site. All these changes are the big danger of giving too much of your business to the control of any 3rd party. They can and will change the rules when it suits their business and without your consent. Not that people should be ignoring Facebook. It's obviously a great place to market your business. Just that caution needs to be taken and you need to understand in advance the control you're giving away.

That said some of the changes you're describing may be a pain, but they probably aren't a huge deal. Changing over to Timeline format will be annoying, but people will figure it out just like they figured out how to create the pages before. The SSL part seems a little much. I can understand Facebook's concern over security, but if it forces everyone to purchase a certificate or pay a monthly fee that they may not need it seems a little much. Of course these are business pages and $100 or so a year for an SSL certificate should be affordable for any business. SSL is also unnecessary for most pages. It's important when you're taking credit card information, but not so important when displaying a page of text.

Do you know that you have to buy a certificate? Depending on your hosting plan you can create your own certificate. It doesn't come with the trust of the certificate you buy, but it does come with the same encryption.

Harold Mansfield
03-07-2012, 03:00 AM
I don't know anything about creating your own certificate. As much of a pain as it was to install one, I'd hate to even think about how you would make one.
I thought they all went through a 3rd party SLL Service.
Companies like Verisign, Thawte, Network Solutions, and I think Go Daddy does their own.

I think the SSL thing is really overkill too, but it also does a few things. It lets FB get rid of the app store and the HUGE security hole and responsibility of vetting them all.
And it also now puts the burden on you to host your own content as opposed to all of these apps holding all of this information on Facebook's server. The apps thing was getting out of control and they were loosing the battle.

And that gets rid of a ton of riff raff. We both know how many people there are on the web that will spam the hell out of something as long as everything is free, but the minute they have to spend a dime, they're gone.

It probably saves FB a ton of money in resources too, and by putting the burden of security on you if you want to host content, kills 3 birds with one stone.

As for people like me. I love it. Because now it means that the average non-tech, non-web person will be more apt to call a service provider to customize their page.
The days of installing an app to create your pages are over.

Yeah, it was a pain in the butt, but after I got over it, I began to see the brilliance in it and the opportunity.

greenoak
03-07-2012, 09:43 AM
i hope all this doesnt apply to me, since i didnt do any custom or special apps on my facebook.... everything you said is so over my head......... im mainly trying to get a nice picture at the top of my timeline and figure out what i want for the 4 good spots across the top....
my issues are .
#.not sure if i like the pinning idea, since it goes above todays post...i want that to be the main thing..i like the picture possibilities...

#.i dont see it much reason for my customers to want to go deep down in my history? i doubt if that will be used much...
.# i hate that everyone can see what they see if they click the like button...seems like that should just be admin info...
mainly i just want to keep facebook as well connected with our customers as it has been for us..and im looking forward to seeing how other heavy facebook users are doing their pages...
..im getting a lot of facebook info over on the sme forums,..
..

vangogh
03-07-2012, 11:01 AM
I don't know anything about creating your own certificate.

It's not any harder than installing one. When you buy a certificate the company sends you those long strings that are the encryption keys and then you copy and paste them into the right spots. To create your own you just click an additional button or two first to generate the keys. The rest of the process is the same. The reason you of through companies like Verisgn isn't for the encryption. It's for the trust. For encryption to work you have to trust its source. The random person generating keys could also be sharing those keys with the people who want to break the encryption.When you buy an SSL certificate you aren't buying a lock and key, you're buying a guarantee that the lock and key haven't been tampered with.


It probably saves FB a ton of money in resources too

I'm sure it does and I'm sure it will help keep out some of the riff raff. And like you're already finding out, people will adjust to the new way of doing things. Some will complain like they always do and before too long it'll just be how it's done.

Harold Mansfield
03-07-2012, 02:00 PM
It's not any harder than installing one. When you buy a certificate the company sends you those long strings that are the encryption keys and then you copy and paste them into the right spots. To create your own you just click an additional button or two first to generate the keys. The rest of the process is the same. The reason you of through companies like Verisgn isn't for the encryption. It's for the trust. For encryption to work you have to trust its source. The random person generating keys could also be sharing those keys with the people who want to break the encryption.When you buy an SSL certificate you aren't buying a lock and key, you're buying a guarantee that the lock and key haven't been tampered with.
.

Ah. That does make sense.

The part that was a pain in the butt wasn't the actual certificate. It was cleaning up outbound links on an existing site. Any outbound link to a non secure site, breaks the encryption on that page.
Besides just the stuff that you do normally on your site, helpful links, social media links and such.. it's those WordPress links in the source code to Plug in authors, or support that threw me for a loop. You have to clean every page of any and all outbound links to non secure pages. And of course you have to change the links on all of your images. I looked for a script of plug in that would do it, but in the end I did it by hand. Very tedious.

I've heard that there is an .htaccess fix for that, but I haven't been able to find it yet. Some kind of redirect that sends outbound links through your server, so that they present on the page as secure?
Do you know anything about that?

MyITGuy
03-08-2012, 12:55 PM
Regarding SSL Options, I'd suggest checking with your host first to see if they have a shared SSL Certificate on the server you can use.
I.E. https://jaxweb01.cingularhosting.net/~cit/ allows me to use a shared certificate for my HTTPS connection from Facebook (The users don't see the URL, so why does it matter?)...even though I haven't purchased a certificate for my own site.

If you do want your own SSL Certificate, then check out GeoTrust's RapidSSL. I can pick them up for just under $10/year as a reseller and wouldn't mind passing on the savings to other forum members (Suggested pricing is only $13).

The issue with SSL Certificates that most people will have, is that the major control panel in use by most webhosts (cPanel) only allow 1 dedicated IP (Currently a requirement for an SSL cert) to be allocated per account. So if you have two domain names you will need to separate hosting accounts in order to install SSL certificates on both.

Harold Mansfield
03-08-2012, 04:34 PM
The issue with SSL Certificates that most people will have, is that the major control panel in use by most webhosts (cPanel) only allow 1 dedicated IP (Currently a requirement for an SSL cert) to be allocated per account. So if you have two domain names you will need to separate hosting accounts in order to install SSL certificates on both.

I don't know about that. Well first, my web host doesn't use CPanel ( I know. I know. But I actually like their interface), but I have at least 15 dedicated IP addresses on my account. The site with the SSL has always had a dedicated IP, but I can clearly purchase additional SSL's from my dashboard for any of my other websites with dedicated IP's.

I do manage my SSL from a different dashboard,(also not CPanel) of the same company though.

I think it is dependent on the level on hosting, and the company. Unless it is just some weird CPanel restriction.

MyITGuy
03-08-2012, 07:30 PM
Unless it is just some weird CPanel restriction.

It's a cPanel restriction. The following is a quote taken from here SSL FAQ (http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/SslFaq)



Limitations of SSL/TLS
You can only have one SSL certificate for each IP/port combination. This has many ramifications, including:
If a cPanel user wishes to have an SSL certificate installed, he must have a dedicated IP address.
Only one domain per account (including subdomains, addon domains, and parked domains) may have an SSL certificate.

While there are ways around it by modifying the configurations manually, it then becomes unsupported by the vendor and the client isn't able to manage it themselves.

vangogh
03-09-2012, 12:11 AM
Some kind of redirect that sends outbound links through your server, so that they present on the page as secure?

That's new to me. I can't say I've ever had the issue you had. Whenever I've needed SSL it's been for the ecommerce section of a site. I've usually used one or another prebuilt systems that handled all the URL details.


wouldn't mind passing on the savings to other forum members

I'll probably take you up on that offer at some point. Thanks.


only allow 1 dedicated IP

I was going to say that makes sense, but it really should only need to be one certificate per domain. Do you know if it's a technical issue?

Harold Mansfield
03-09-2012, 12:26 AM
That's new to me. I can't say I've ever had the issue you had. Whenever I've needed SSL it's been for the ecommerce section of a site. I've usually used one or another prebuilt systems that handled all the URL details.


How does Facebook do it? They maintain their SLL encryption, even though they link out to millions of non secure websites from user shares.

MyITGuy
03-09-2012, 10:35 AM
I was going to say that makes sense, but it really should only need to be one certificate per domain. Do you know if it's a technical issue?

In my opinion, its just an interface/cPanel issue as it can be done from a technical perspective (But may invalidate the host's cPanel support, or cause additional support overhead for the host). cPanel is currently overhauling their product to support several new features, along with a new design...so maybe they will take this into account.

MyITGuy
03-09-2012, 10:39 AM
How does Facebook do it? They maintain their SLL encryption, even though they link out to millions of non secure websites from user shares.

I believe the issue with Facebook/SSL's isn't what your linking to, but how you do it. Just because I have a link to http://small-business-forum.net on my secure site doesn't mean my visitors are browsing in-securely. The issue is when I try to pull in/display content from this site that causes an issue (I.E. If I use http://www.small-business-forum.net/images/misc/sbf-logo-40.png to display the logo then it will be an issue, but if I were to use the HTTPS version, or cache a local copy then it wouldn't be)