What is HTTPS?
HTTP is currently the primary protocol for applications used on computers, tablets, smartphones, and many other devices. As internet use has grown, the risk to users' privacy and safety has grown with it. HTTPS makes your site more secure for your users, especially when they are giving you information. For example, when a user enters data into a form on your site in order to subscribe to updates or to make a donation, HTTPS protects that user's personal information between the user and the site. It is essential on pages where users are required to give their credit card information and/or other personal details. Data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection: Encryption, Data integrity, and Authentication.
 
Why HTTPS for everything?
It is a recommended industry best practice that you adopt HTTPS site-wide in order to protect your users' connection to your website. This means that your entire website will be rendered in a secure manner over HTTPS.
The internet’s standards bodies, web browsers, major tech companies, and the larger internet community have all come to the conclusion that HTTPS should be the baseline for all web traffic. Ultimately, the goal of the internet community is to establish encryption as the norm, and to phase out unencrypted connections.
 
What is happening with NetCommunity 7.1?
While the option to enable secure content (HTTPS) for your entire NetCommunity site has always been available in the product, starting with NetCommunity 7.1, site-wide secure content (via https) will be hard coded and cannot be changed. As mentioned earlier, internet standards bodies and major technology companies all recommend this approach and it is being adopted to make your NetCommunity sites more secure.
 
How will this affect me?
Enabling site-wide HTTPS within NetCommunity will make your site more secure. We recommend you do so as soon as possible. In some cases, after making this change, some content (such as images or content hosted on non-NetCommunity sources) may not display or your browser may display a warning message indicating the site has mixed content. Click here to see what actions you can take to correct this. We recommend that you update this configuration outside of peak hours to give you sufficient time to review your site and identify any adjustments needed. If you do not make this configuration change, it will be automatically made when you upgrade to NetCommunity 7.1. HTTPS requires a valid SSL certificate. Your website should already have a SSL certificate for security and PCI compliance when processing transactions. If you would like more information about obtaining a new SSL certificate for your NetCommunity website, please click here
 
I made the configuration change to enable site-wide HTTPS and reviewed my site but some content does not render correctly. What should I do?
In some cases, after making this change, some content (such as images or content hosted on non NetCommunity sources) may not display or your browser may display a warning message indicating the site has mixed content. Click here to see what actions you can take to correct any issues you may be seeing.

You can also approach your account team to engage Blackbaud Professional Services to scope any further improvements to your site.
 
My NetCommunity site is hosted by Blackbaud. What should I do?
You can enable site-wide HTTPS today via a configuration option in the Administrative Settings in NetCommunity. This will allow you to test your site and make any necessary adjustments. We strongly urge you to do so as soon as possible. It is recommended that you update this configuration during off-peak times, to give you sufficient time to review your site and identify any adjustments needed. When your Blackbaud hosted site is upgraded to NetCommunity 7.1, site-wide secure content (via  HTTPS) will be automatically enabled and hard-coded, even if you are not currently using this setting in NetCommunity.
 
My NetCommunity site is self-hosted. What should I do?
You can enable site-wide HTTPS today via a configuration option in the Administrative Settings in NetCommunity. We strongly urge you to do so as soon as possible. This will allow to you test your site and make any adjustments needed. It is recommended that you update this configuration during off-peak times, to give you sufficient time to review your site and identify any adjustments needed. Site-wide HTTPS will be enabled and required in NetCommunity 7.1.
 
My NetCommunity site is hosted by a third party. What should I do?
You can enable site-wide HTTPS today via a configuration option in the Administrative Settings in NetCommunity. We strongly urge you to do so as soon as possible. This will allow to you test your site and make any adjustments needed.  It is recommended that you update this configuration during off-peak times, to give you sufficient time to review your site and identify any adjustments needed. Site-wide HTTPS will be enabled and required in NetCommunity 7.1.

I need time to review my site. What options do I have?
The shift to adopting site-wide https in BBNC 7.1 was driven by the latest payment industry standards (PCI-DSS 3.1 and PA-DSS 3.2). As mentioned earlier, internet standards bodies and major technology companies all recommend this approach. You can enable site-wide HTTPS today via a configuration option in the Administrative Settings in NetCommunity. We recommend you to do so as soon as possible. This will allow to you test your site and make any adjustments needed before NetCommunity 7.1 is released. It is recommended that you update this configuration during off-peak times, to give you sufficient time to review your site and identify any adjustments needed. With the security of your site and your customers’ data being a priority for us at Blackbaud, we cannot delay the release of this feature.