If you have any custom hosted content hosted outside of Facebook (since the switch Facebook made from FBML to iFrame, that probably means most of you), then you may or may not know that from 1 October 2011, ALL Facebook content must be hosted on secure SSL certified servers.
Right now, a lot of users log in to Facebook with secure connections and if your content isn’t covered by a secure server, they receive a message saying your connection is insecure.
Bear in mind, that is a big company – Carlsberg – one of the best known names in the alcohol industry and even they’re not ready for the switch over yet – so don’t feel too bad if you haven’t started getting ready.
But given everything you hear on a near daily basis about Facebook data security and privacy, if the words ‘Turn off secure” flash up before a user’s eyes, they MIGHT well click on that continue button and carry on, or they MIGHT decide to keep their security and you lose the customer and the like.
All over a small change you haven’t made yet. Well in a nutshell, here is what you need to know:
- The changes are coming into effect on 1 October 2011 so you need your custom, externally hosted Facebook content sorted out before then.
- The domain you are hosting your Facebook content on will need a valid SSL certificate.
- You will need to use the ‘Secure Canvas URL’ and ‘Secure Tab URL’ in the app development section to keep your content working
As always, if you think this info might be useful to someone else – your friends, colleagues, networks, social networks, please remember to retweet, share on Facebook and update on Linkedin. We’d love to help as many people as possible avoid these silly little mistakes which can trip you up.