This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more hereX

Home > Discussion Forum

Discussion Forum

kermey kermey is offline
Connector
Join Date: Sep 2003
Posts: 389
SSL - Any advice?

I need a security certificate to secure my shopping cart. I dont want to pay too much but I do want the certificate to work (any advice on how the system works would be welcome what to look for, how do I know its secure etc etc)

Any advice and recommendations would be really welcome
Reply With Quote
swhiting swhiting is offline
Connector
Join Date: Dec 2003
Location: Ol'Suffolk
Posts: 235
you've got two options:

shared ssl - this is the cheapest route - you effectively share a certificate for a host (https://vault.host.com/yourdirectory) and are given FTP access to the subdirectory and put all your secure files there and link to it.

dedicated SSL - you have your own SSL certificate issued for your server (usually quite expensive - but they do vary in price) and your host setup your own SSL site (this will probably be quite expensive also). Major companies such as Thawte (http://www.thawte.com/) and Verisign can issue certificates.

you don't need to have the whole site SSL secure, just the ordering pages where you enter sensitive details. Payments for Worldpay etc are taken over secure SSL server so take the security hassle away from the website owner.
__________________
S.Whiting (UK)

I'm not lazy. I just can't be arsed to do pointless things.

- syIT Amazon Tools - Increase your Amazon Associates revenue using webservices without the hassle.
- HotSpotter - UK Wireless Networking Portal
- Jam Shop - Buy quality preserves and marmalades
- Audiologue.com - Online HiFi and Home Cinema Shop

Reply With Quote
kermey kermey is offline
Connector
Join Date: Sep 2003
Posts: 389
My host does provide the shared cert, is that as secure? What are the benefits of getting your own?
Reply With Quote
openmind's Avatar openmind openmind is offline
Connector
Join Date: May 2004
Location: In front of my computer
Posts: 3,480
The biggest benefit is really the appearance. If you are on a shared cert the url for the secure pages will lok something like https://yourname.yourhost.com or whatever.

If you had the cert it would be https://secure.yourdomain.com

As the whole point of secure shopping is to make sure the customer is confident, your own cert is best. It isn't as expensive as you think. InstantSSL, http://www.instantssl.com/ssl-certif...dom&country=GB will be able to supply a cert from just 33 per year. From 46 per year they throw in a secure logo to display on your site which visitors can then click on to verify your identity.

All these things will help your customers confidence enormously...
Reply With Quote
bone's Avatar bone bone is offline
Connector
Join Date: Oct 2003
Location: Mansfield
Posts: 386
try http://www.redstation.com/hosting_secure.asp

redstation do a cheap ssl hosting package
__________________
click here
www.fullphatdesign.co.uk
01623 631900
Reply With Quote
kermey kermey is offline
Connector
Join Date: Sep 2003
Posts: 389
Will this protect my databases too?
Reply With Quote
swhiting swhiting is offline
Connector
Join Date: Dec 2003
Location: Ol'Suffolk
Posts: 235
no, SSL will not protect your databases. you will still need to take the measures that I outlined a post the other day for the SSL site.
__________________
S.Whiting (UK)

I'm not lazy. I just can't be arsed to do pointless things.

- syIT Amazon Tools - Increase your Amazon Associates revenue using webservices without the hassle.
- HotSpotter - UK Wireless Networking Portal
- Jam Shop - Buy quality preserves and marmalades
- Audiologue.com - Online HiFi and Home Cinema Shop

Reply With Quote
openmind's Avatar openmind openmind is offline
Connector
Join Date: May 2004
Location: In front of my computer
Posts: 3,480
Really your databases need to be in a folder that cannot be accessed through the web. You need to check with your web host which folder you need to sotre your DB in.

The cert is really there to provide a secure method for the input of sensitive information.
Reply With Quote
Mo. Mo. is offline
Starting Out
Join Date: Apr 2004
Location: London
Posts: 21
Hi,

I found the following site to be very helpful when I was in a similar situation: http://www.sslreview.com/

Regards,
Mo.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT +1. The time now is 10:09 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd. Copyright Shell LiveWIRE 2005-2009