Web Security

Does Your Website Really Need HTTPS?

Website security is not just for online stores anymore, the truth is that ALL websites can benefit from being Secured

If you're going to have a website, run an online store, an e-commerce website you will obviously want to ensure customers that the information they give you on your website including their credit card information is handled securely

How to Make Your Website More Secure

To secure a websites transmission that site will need to use "HyperText Transfer Protocol" with "Secure Sockets Layer". SSL and HTTPS for short is a protocol to transfer encrypted data over the Web. When someone sends you data of any kind, sensitive other otherwise, HTTPS keeps that transmission secure

There are two primary differences between an HTTPS and an HTTP connection work:
>> HTTPS connects on port 443, while HTTP is on port 80
>> HTTPS encrypts the data sent and received with SSL, while HTTP sends all as plain text

Most customers of online stores know that they should look for the "https" in the URL and to seek out the lock icon in their browser when they are making a transaction. If your storefront is not using HTTPS, you will lose customers and you will also possibly open yourself and your company up to serious liability should your lack of security compromise someone's private data. This is why any reputable online store today is using HTTPS and SSL

All websites can benefit from SSL usage

Google actually recommends this for sites today as a way to authenticate that the information on that site is, indeed, coming from that company and is not someone trying to spoof the site somehow. As such, Google is now rewarding sites that do use an SSL, which is yet another reason, on top of improved Security, to add this to your website

posts about hosting

Sending Encrypted Data

As mentioned above, HTTP sends the data collected over the Internet in plain text. This means that if you have a page asking for a credit card numbers, that credit card number can be intercepted by anyone with a packet sniffer. There are many free sniffer software tools available and can be done by anyone with very little experience or training

What You Need to Host a Secure Website

There are only a few things you need in order to host secure pages on your website:
>> A Web Server such as Apache with mod_ssl that supports SSL encryption
>> An SSL Certificate from an SSL certificate provider
>> To use the "HTTPS" in front of your Domain exclusively

If you are not sure about the above you should contact your Web hosting provider. They will be able to tell you if you can use HTTPS on your website. In some cases, if you are using a very low-cost hosting provider, you may need to switch hosting companies or upgrade the service you use at your current company in order to get the SSL protection you need. If this is the case - make the change
The benefits of using SSL are worth the added expense of an improved hosting environment

Once You Have Your HTTPS Certificate

Once that is set up, you can start building your Web pages. These pages can be built the same way that other pages are, you just need to make sure you link to HTTPS instead of HTTP if you are using any absolute link paths on your site to other pages

If you already have a website that was built for HTTP and you have now changed to HTTPS, you should be all set as well. Just check the links to make sure any absolute paths are updated, including paths to image files or other external resources like CSS sheets, JS files, or other documents

Here are some more tips for using HTTPS:
Point to all forms to the HTTPS Server. Whenever you link to Web forms on your website, get in the habit of linking to them with the full server URL including the "https://" designation. This will ensure that they always are secured
Use relative paths to images on secured pages. If you use a full path such as (http://www...) for your images, and those images are not on the secure server, your customers will receive warning or error messages saying "Insecure data found" This can be disconcerting, and many people will stop the purchase process when they see that. If you use relative paths, your images will be loaded from the same secure server as the rest of the page

We welcome your comments, questions, corrections and additional information relating to this article. Please be aware that off-topic comments will be deleted.
Or if you need specific help with your account, feel free to contact us anytime
Thank you


Tomas F
Great blog. The info you shared will be helpful. again Thank You for the information

Kristen G
Great article and just what we needed, We will be using RSH Web with their free SSL certs!

Mark H
I have to say it is really a good article.Thank You for sharing

Kelly J
Excellent post Thank you for sharing

Tweet  Share  Pin  Tumble  Email

More Articles Of Interest