HTTP vs. HTTPS
Understand: ALL cyber-criminals know hack code for HTTP.
HTTP is no longer considered safe web encryption. The current standard is HTTPS.
So what to do?
Go to Buy Your SSL Here and learn in detail about SSL.
The mechanism of SSL certification has two important functions:
- Authentication
- Encryption
Authorizing a server connection, the SSL certificate holds information about the business, website or person you are connecting to, and verifies that identity through a third-party.
Look at the padlock (maybe green) on the left side of the URL of this web page in the address bar. It identifies as a secure SSL-certificated site.
Clicking on the padlock will tell you that the connection is secure and reveals what information the certificate has. That will include the users of the certificate, and the authorized SSL provider. See the RED circle
Encryption with HTTPS the SSL certificates system encrypts traffic between the user’s computer and the website. Without encryption, sensitive information like passwords could be compromised by a thief intercepting the data between the client computer and web server.
The security of this system lays in the independent third-party, Root Certificate holders who have ownership of the public key that is distributed through CA’s (Certificate Authorities) that certify the ownership of a strictly issued key (DV, OV, EV, UC and Wildcard etc.). Registration is crucial. Implementation is critical. Deployment is vital.
We can help you navigate what is the best product for your ecosystem and assist with the install. When people talk about SSL certificates, it is easy to assume they’re all the same. Depending on who authorized them and how diligent the background checks were, they come with different levels of validation. An invalid SSL will cause the browser to issue a warning to the user that the connection is not secure. It says that because that is what it is, insecure
and wide open for malware attack. Customers become very annoyed at catching anything from your business. Update your SSL is the first step!
Which SSL do you need?
Here are four validation levels most commonly used:
1. Domain Validation (DV). Common public key confirmation that the web pages are truly coming from the expected domain and not some other. It says nothing about the person or business in question, just that they own a domain.
For example: where a public key is certified to belong to a single website, for example, www.coolsite.com.
Notice that that URL includes the subdomain in front of it, www.
Our certificate and our public key would be certified only for that single domain, including the subdomain.
What is certified is the public key and the website domain name are related. Typically an automatic email is issued to the website owner listed in the WHOIS database, the database of people when they register a domain name. So, it’ll send it to whoever says that they own this website, and if they can receive that email and respond to it, then that’s proof of ownership enough. They may also ask you to post a data file on the website because if you own the website, you should be able to put a small data file up there that they can then see publicly.
This product is best for any WordPress site or another basic site with a form of any kind.
2. Organization Validated (OV). The same as DV in addition to advanced personal and/or business credentials and those of the named owners are checked against extensive databases: WHOIS, local, provincial/state and federal governments. The Articles of Incorporation are verified and so is the physical address.
3. Extended Validation (EV). OV plus+. The pinnacle of SSL certificates, needed for any company wanting to expand their business offer to customers in complete secure web locations especially email and financial transactions. Proves the company has domain ownership, is a genuine business, and that the certificate was applied for by authorized personnel.
A human person contacts the business at a published phone number. They may even speak to several people there confirming increased documentation.
This product is best for any WordPress, eCommerce and Shopping Cart and Non-Profits. Represents extreme trustworthiness.
Wildcard. (DV) Apply to multiple subdomains, for example:
library.coolsite.com OR members.coolsite.com
You will have one certificate and one public key, and use them as an example for coolsite.com, library.coolsite.com, members.coolsite.com and *.coolsite.com and on…
4. Multidomain (SAN, UCC). This encrypted variation is the multi-domain certificate. Same kind of certificate as, but we’re allowed to have one public key and one certificate that’s able to be used for multiple domains.
It’d be used for surfinghawaii.com, burntbuns.org, and bigwaves.net.
What makes a good SSL purchase?
The temptation is to make choices entirely based on cost, with many sites to cover or a dynamic business environment. After every tech crash, problem, ticket # it usually came down to trying to do the job with cheap tools. Codes are tools. They wear out with predictability eventually if they are good quality. If they just plain don’t work it might be because they are cheap code or improperly installed and maintained.
Poor decisions can have big cost implications, and changing direction once you have a consumer-facing solution isn’t ideal. We can help navigate that up front. We are flexible and given to be insightful solution providers to current and pending quality issues.
The following factors should play a part in picking the right issuance operation for you:
- Browser compatibility – Many computers still running Windows 7 and XP?? and even older releases (seriously!?), working with older browsers is still a major concern.
- Trust level type – Match the needs of the web location with the level of security and trust needed. A quick response in our SSL discovery wizard form.
- Trust site seal – A recognizable to let you know that the site is secure and that their information is safe.
- Support of SSL experts – The subtle nuances of SSL and certification can befuddle even the most astute IT people, so having an SSL support team available is critical. Call or email us!
- Refund policy – 100%.
- Warranty policy – CAs (Certificate Authority) cover errors in identification, loss of documents or intentional/accidental errors. Up to $1 million.
We have a straightforward range of digital products for you to choose from and would be happy to help make that happen for you.