On the web, more browser will reward when the pages are in HTTPS.
The main page of Doit.im, its blog and probably other pages are still unencrypted.
Could you upgrade to lal HTTPS for better privacy?
There are several levels of SSL certificate, since you are doing it, could you aim for the Qualys A+ Certification?
Here is an example of the app page which is pretty well secured but not the best:
https://www.ssllabs.com/ssltest/analyze.html?d=i.doit.im
Normal non-https should be redirected.
Thank you very much!
1. There is no privacy info of our users on the main page of Doit.im and its blogs, so that they are not related to security problems.
2. Thank you for your proposal, we'll adjust our deployment to reach Qualys A+ .