Tag Archives: SSL

Common Myths About SSL Certificates And Their Security

Leave a reply

Common Myths About SSL Certificates And Their Security - HostingXtreme

SSL Certificates are becoming a popular trend for popular websites and blogs. Although there is more ignorance and hype being circulated about the whole web encryption system, webmasters and visitors feel psychologically more secure when they have an HTTPS URL. You may call it the placebo effect or overzealous security, but all in all, SSL does no harm even if it is not required. Encrypting URLs and internet traffic goes a long way in making the internet feel safer and deter the bad guys. This article explains some common myths about the magic or misconceptions attached to having a secure HTTPS URL.

SSL Certificates are expensive

SSL Certificates are available in different varieties for different prices. There is a type which is sure to fit each type of person and each organizations requirement. After Facebook made it compulsory to use an https:// URL to setup Facebook Apps, SSL certificate sales got a boost. A basic SSL Certificate with Domain validation costs a couple of dollars a year. An extended validation one will cost a few hundred dollars a year. This cost excludes the cost of a Dedicated IP Address and the hosting space of course. The Dedicated IP Address can cost anywhere between $20 to $100 per year. While the cost of an SSL Certificate directly may not be expensive, you must factor in overheads like Bandwidth, CPU / Memory Resources and Web Server limitations to

SSL Certificates will prevent hacking

SSL Certificates will not prevent or deter a hacker from exploiting weak code or vulnerable software on your website. SSL Certificates simply act as a secure pipe or secure tunnel through which data flows, preventing any middle-man to intercept the traffic and identify what is being sent. SSL does not keep a check on both the ends of the pipe or tunnel and does not cover protection of a browser at the client end or database at the server end. Hence, if your passwords are stored in an un-encrypted manner in your MySQL database, and for some reason your database is compromised, then having SSL will have no effect in protecting your database information.

SSL will not have any effect on SEO

You must note that SSL may make the website marginally slower especially when loading a page for the first time. This may exponentially be a problem and may require the tweaking of settings on your web server. However, Google recently announced that it will give preference to URLs starting with HTTPS, in its search results, in an endeavor to make the internet a safer and secure place and encourage online merchants to secure the flow of data and sensitive information. If you consider giving both these factors equal weightage, then they both cancel out each other, leaving the impact on Search Engine Rankings (either positive or negative) to be negligible.

You need a separate IP Address for every https subdomain

SSL Certificates are of many types and with many different features to suit your budget. Usually an SSL Certificate will cover only 1 fixed URL i.e. https://your_domain.com. The normal SSL Certificates will not even cover https://www.your_domain.com . To encrypt a sub domain or even a URL with www. you will need to take an additional certificate and register that URL with the Certificate issuing company (Certifying Authority). The problem arises when you have multiple sub-domains and want to encrypt the traffic on all of them. Well, in that case you will need to take a WildCard Certificate. The Wildcard certificate, as the name suggests, will encrypt all traffic for the primary domain and also traffic on every sub-domain of that primary domain i.e. *.your_domain.com. It is called a WildCard certificate, because it represents the wildcard character * which indicates anything and everything.

SSL Certificates are difficult to manage or migrate

SSL Certificates may be a tad bit confusing to install at first, but most web hosting control panels have a GUI interface to allow you to generate and import new public and private keys with ease. Change of your web hosting server or change of your dedicated IP Address invalidates your certificate. You can always request a re-issue of the certificate by visiting the Certifying Authority’s website and completing their online form. Most providers instantly issue a fresh certificate which you can put in to your new server and resume business as normal.

 

Using a secured connection to transfer files through FTP

Leave a reply

This article explains how you can create an encrypted secure connection to our server, to upload or download files using the Secure File Transfer Protocol (SFTP).

This option works only with the default cPanel Username and Password.

It does NOT work for sub-accounts created in the FTP User Accounts section of cpanel (username with an @domain.com) To encrypt a connection made by a sub-account, you can refer to out article on FTPeS (FTP over Explicit TLS)

SFTP File Transfer

SFTP:// Secure File Transfer Protocol to encrypt your FTP connection

FileZilla:

SFTP through FileZilla

  1. Open FileZilla
  2. In the Host: field type in
    yourdomainname.com
    or type in
    sftp://yourdomainname.com
  3. In the Username field type in the full cPanel Username
  4. In the Password field type in the cPanel Password.
  5. In the Port field type in 22 (or leave blank if you have typed sftp:// in the domain name above)
  6. Click on the Connect button
  7. You should now see the welcome message and be connected through SFTP.
  8. You can verify this by clicking on the Lock icon at the bottom of the FileZilla window.

SFTP Certificate

 

 

Why are SSL Certificates becoming more popular?

Leave a reply

If you are planning on launching your online business or have an online business already in place, there is the need to ensure that your online website or business is safe and also gains maximum respect from all clients. Well, there are so many reasons why SSL certificates are becoming very popular and one of them has to do with the fact that, they make an online business look very professional and gives clients the impression that, the online business is very safe to do business with or to transact business on. For many years, businesses that claim to be professionals have fell because; other businesses considered safety to be a very important part of being in the online business world.

With so many bad things happening today online, it is only normal that various customers have the aim of working with businesses who can assure their safety even as they offer them with quality. Benefiting from the growth of technology, your business website needs to be very safe and look as well as feel presentable. This is the only way you can attract as many customers as needed and maintain or keep existing customers.

When your website has an SSL certificate, the person who is viewing your website is able to have the assurance and also know that, your website is very safe. Today, there are so many SSL certificates available or present on many web pages. It is true you might not have considered it to be important. However; whenever a client sees an SSL certificate on your website, you should know that he or she will want to do business with you. Apart from having the SSL certificate on the website, there are other signs that make it very clear to customers who know what is new in the world of technology to feel safe with your website. When the padlock figure or symbol or the http prefix with your website name has an “s” in the form of “https”, you can always be assured that your SSL certification is authentic.

Being a business (online), there is no way you should take SSL certification for granted. This is because; many websites are been created to educate people on what SSL certificates stand for and why it is important for online consumers to do business with only companies that have such protection. This means, if your website does not have a SSL certificate or certification to back its services, there is no way you can have people coming to your online business. This is because; there is no client who will trust your business if you are not SSL certified. With so many credit card thefts and important information of clients and businesses being stolen, there is no way a reasonable and well meaning business owner will not want to be secured and also make sure his or her clients are secured. Buying an SSL certificate does not cost so much. This means, buying it will only benefit you.