HTTPS and SSL Certificates
What does making your domain 'resolve' to https:// actually do and NOT do when triggered by installing the Auto SSL Certificate (free version) on your server?
Firstly to be awarded any SSL certificate, your domain name must be shown to have accurate records of ownership.
That means when you registered your domain name, you entered verifiable information such as:
- an actual person
- an actual address
- any further records such as an ABN if required such as if you have a .com.au domain name
This then shows your domain name was not acquired by a non-human, and the website is less likely to be risky.
The browser Chrome, is now checking which websites do not have an SSL certificate and noting that in search results.
Not only should an SSL certificate show https:// at the front of your domain name, but you will also have a green padlock as well.
This Auto SSL certificate is free, and DOES NOT protect your visitors if your website allows payments ON THE WEBSITE itself.
For that you need to buy a more specific SSL certificate for encrypting sensitive information such as Credit Card details.
None of my clients need this as they all use Third Party websites for any payment information entered (such as PayPal) or Bookeo.
When a website resolves (automatically shows) as a https:// - website information is encrypted (not the content that is visible)
but sensitive information such as owner details,
logins, any payment information, etc. Any hacker/spammer trying to access website information is presented with an encrypted version.
Most robots will then move on to an easier target.
https:// does NOT directly secure your email, nor protect you from spam or email phishing attacks.
The only email protection from having a https:// domain name, comes from the fact that it's much harder for some
kind of robot/malware to access your website information
(logins, passwords etc), which could then have a flow-on effect to your email if the robot is programmed to proceed
to hacking email accounts once they have already access your website.
It is therefore highly important you protect yourself EVERY DAY, at home.
Install and RUN a malware/spyware protection and registry cleaner EVERY DAY such as recommended below.
McAfee Site Advisor
McAfee has a fantastic free tool to stop you from clicking on links to websites that may contain malware, viruses, or any kind of phishing scam.
Sometimes you can't have this as well a virus program.. depends if they allow it.
A green tick says the website has been tested and is safe, a yellow tick means proceed with caution if you have to, and a RED TICK advises you to STAY AWAY.
You can download McAfee Site Advisor Site/Web Advisor
and there is an upgrade to a Professional Version available.
If you want help we can work on this, and set you up to be 99% free from "I wish I had done this earlier" moments.
Believe me, they suck!
It is highly important you protect yourself EVERY DAY, at home. Install and RUN a malware/spyware protection and registry cleaner EVERY DAY such as:
Kapersky (MAC and Windows)
McAfee (MAC and Windows)
SuperAntiSpyWare (I use this - Windows only)
AND a CLEANER
CCleaner (I use this - MAC, Windows, & Android)
They have free versions you can run today/right now! I suggest purchasing the Pro versions.
MALWARE - STAYING SAFE ONLINE
DOMAINS and HOSTING
WEBSITE CODE and SEO