
Should all sites use SSL by default? The top answer is no - user5994461
https://stackoverflow.com/questions/2177159/should-all-sites-use-ssl-by-default/
======
user5994461
To quote the top answer: Putting SSL everywhere is only a way to get a warm
fuzzy feeling on security that is no good. It is usually only used as a
distraction allowing administrators to disregard actual security issues.

Was looking up some info on SSL and came across this first. Sadly a good
illustration of how difficult it is to find security recommendations and how
stack overflow is rotting with time.

