I'm tired of this bullshit. This has never been true, not even 10 years ago. You only need one IP:port combination per unique domain name. You can host tens of thousands of HTTPS websites on a single IP even if none of your users support SNI, and you don't have to pay for a SAN certificate, either.
You can serve HTTPS on port 31276 as long as you redirect properly from plain HTTP. You could even redirect conditionally, i.e. modern browsers and search engines are redirected to port 443 while the remainder are told to try port 31276.
Is this ugly? Yes. Do people care? No. A client of mine who uses shared hosting is perfectly happy with HTTPS on port 44527. Most people don't even look at the URL. Who knows, they might even think that the secret number makes their website more secure. (Of course it doesn't, but their misconception doesn't make their website any less secure, so I don't care.)
Older browsers not supporting secure ciphers/protocols is a bigger problem, but you can also get around this to some extent by offering better ciphers/protocols on port 443 and lesser ciphers/protocols on an alternate port.
I'm tired of this bullshit. This has never been true, not even 10 years ago. You only need one IP:port combination per unique domain name. You can host tens of thousands of HTTPS websites on a single IP even if none of your users support SNI, and you don't have to pay for a SAN certificate, either.
You can serve HTTPS on port 31276 as long as you redirect properly from plain HTTP. You could even redirect conditionally, i.e. modern browsers and search engines are redirected to port 443 while the remainder are told to try port 31276.
Is this ugly? Yes. Do people care? No. A client of mine who uses shared hosting is perfectly happy with HTTPS on port 44527. Most people don't even look at the URL. Who knows, they might even think that the secret number makes their website more secure. (Of course it doesn't, but their misconception doesn't make their website any less secure, so I don't care.)
Older browsers not supporting secure ciphers/protocols is a bigger problem, but you can also get around this to some extent by offering better ciphers/protocols on port 443 and lesser ciphers/protocols on an alternate port.