Umair you will have to make some code mods for the video embeds to work with your HTTPS.

Open up: ow_plugins/video/classes/video_providers.php

Look for: Lines 68-85 and find...

private function init()
    {
        if ( !isset(self::$provArr) )
        {
            self::$provArr = array(
                self::PROVIDER_YOUTUBE => '//www.youtube(-nocookie)?.com/',
                self::PROVIDER_GOOGLEVIDEO => 'http://video.google.com/',
                self::PROVIDER_METACAFE => 'http://www.metacafe.com/',
                self::PROVIDER_DAILYMOTION => 'http://www.dailymotion.com/',
                self::PROVIDER_PORNHUB => 'http://www.pornhub.com/',
                self::PROVIDER_MYSPACE => 'http://mediaservices.myspace.com/',
                self::PROVIDER_VIMEO => '(player\.)?vimeo.com/',
                self::PROVIDER_BLIPTV => 'http://blip.tv/',
                self::PROVIDER_GUBA => 'http://www.guba.com/',
                self::PROVIDER_BIGTUBE => 'http://www.bigtube.com/',
                self::PROVIDER_TNAFLIX => 'http://www.tnaflix.com/',
                self::PROVIDER_XHAMSTER => 'http://xhamster.com/',
                self::PROVIDER_FACEBOOK => 'http://www.facebook.com/'

In this batch of code change the http to https and on the one odd ball that is '//www.youtube(-nocookie)?.com/' make that become 'https://www.youtube(-nocookie)?.com/'

Now go down and start at line 126 and look for class VideoProviderYoutube

Find this code:

const clipUidPattern = '\/\/www\.youtube(-nocookie)?\.com\/(v|embed)\/([^?&"]+)[?&"]';
    const thumbUrlPattern = 'http://img.youtube.com/vi/()/default.jpg';

And make it look like this:

const clipUidPattern = 'https:\/\/www\.youtube(-nocookie)?\.com\/(v|embed)\/([^?&"]+)[?&"]';
     const thumbUrlPattern = 'https://img.youtube.com/vi/()/default.jpg';

Use the Youtube sample above to modify the other Video Providers if needed...

Bear in mind this will only take care of future video embeds and will not fix any videos that are already embedded. If you want to fix the existing videos please open the database and look for ow_newsfeed_action and look also for ow_video_clip. In these two areas you will have to sift the database and modify any http image src calls to be https instead.

For example:

In ow_newsfeed_action and in the data column you might have data that looks like:

{"actionDto":null,"time":1426283789,"ownerId":"1","content":{"format":"video","vars":{"image":"http:\/\/img.youtube.com\/vi\/V-Dwbdu23Ys\/default.jpg","title":"Dream Big - You Can Achieve Anything","description":"Check out Deyonta Davis a center committed to Michigan St. at 6' 9\" and 205lbs. He dreamed big, he worked at his goals and now he's headed for a brigh...","url":{"routeName":"view_clip","vars":{"id":"1"}},"embed":"<iframe width=\"560\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/V-Dwbdu23Ys\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe>"}},"view":{"iconClass":"ow_ic_video"}}

And you will want to change this part ":{"image":"http:\/\/img.youtube.com\/vi\/V-Dwbdu23Ys\/default.jpg to look like ":{"image":"https:\/\/img.youtube.com\/vi\/V-Dwbdu23Ys\/default.jpg

For example: in the ow_video_clip thumbURL column you might have something like this:

http://img.youtube.com/vi/V-Dwbdu23Ys/default.jpg

and just change that to be https://img.youtube.com/vi/V-Dwbdu23Ys/default.jpg

Umair, another issue you might run into is with Facebook connect. You may also have an issue with the admin dashboard where some hotlinked images are not called for HTTPS so your SSL padlock may show this in the Admin dashboard which is not a big deal.

On the Facebook connect I think you might need to modify two files to take care of that. If you run into any issue using HTTPS with Facebook connect let me know and I can try to assist.

Umair, I have not ran into any issues with HTTPS and contact importer :-)

Umair we have a lot of hosting clients so we handle our DNS with private name servers and we run our own shared hosting on LAMP with cPanel.  As far as a good hosting site the market is filled with options and it comes down to features, price and customer service. If I had to recommend a hosting company other than us LOL I would say A2 Hosting would likely be my first choice followed by Blue Host and then maybe Amazon.

You can run a social network on http or https. There could be a tiny SEO advantage with SSL but the main advantage is that the data being sent between your site and user is encrypted so this offers a higher level of security. If at some point you would incorporate any e-commerce at your social site then HTTPS is pretty much mandatory.

Bear in mind that SSL will not eliminate any low-hanging-fruit risks associated with weak user passwords or vulnerabilities in the core, plugins or theme. I've been running Oxwall now for over 3 years and so far it has never been compromised but that doesn't mean it could never happen.

If your social network really needs a dedicated server then by all means drop the extra cash for one. On the other hand you could save money on shared hosting if that will handle your user base. The biggest drawback with shared hosting and Oxwall is that Ox is asking us to run the cron every minute on the minute whereas this is not realistic in most shared hosting environments and policy limitations may only allow for the Ox cron to be run every 15 minutes.