Itomic hosts lots of websites. Many of those websites use SSL certificates for extra security (the Heartbleed anomaly notwithstanding).
Until relatively recently, it was a technical necessity that every site with an SSL certificate must have its own unique IP address on the planet, i.e. an SSL certificate had to be associated with an IP address that wasn’t also being used by another SSL certificate. But the world has been running out of IP addresses, so it’s was getting harder and/or more expensive to access additional IP addresses for websites requiring SSL certificates.
The good news is that it’s now been made technically “ok” for sites with SSL certificates to share the same IP address. (Geek talk: this is possible thanks to Server Name Indication (SNI) being added as an extension to the TLS protocol).
Which therefore begs the question: does my website need a dedicated IP address? Here are the 2 main – but relatively minor – reasons why it might:
- Mail server blacklisting by IP address. If a website sharing the same IP as yours is blacklisted (correctly or incorrectly) for sending out spam email or similar, then emails being sent out from your website might be tarred by the same brush.
- Older technologies might not support SNI. As of November 2012, the only major user bases whose browsers do not support SNI appear to be users of Android 2.x (default browser), Internet Explorer on Windows XP, and versions of Java before 1.7 on any operating system. So if your site is sharing an IP for its SSL certificate, these older technologies will likely display a warning to users that the certificate credentials don’t appear to be correct, but likely still with the option to proceed to the site anyway.
If you know more reasons why a dedicated IP address might be preferred – let us know!