Secure Certificates & Website Security
Secure certificates or SSLs used to be optional, but while you still have a choice in using them, they’re not so optional anymore, that is, if you care about your sites search engine positioning. Due to the enormous amount of data breaches and computer hacking including the theft of people’s usernames and passwords, all search engines are pushing site owners to install SSL certificates on their websites. Those who do not take these recommendations with see their search engine rankings weakened leading to being found less often in search. The reason is that search engines have a tremendous amount of influence over the web, and while there are still many websites not using SSLs, it’s only a matter of time until the entire Internet is secured. In this effort, search engines are doing their part in pushing more and more website owners to secure their sites through browser warnings, reduced rankings and other influence such as requiring SSLs on certain new domain extensions.
SSLs work by creating an encrypted connection between a browser and a website server so that information cannot be harvested by monitoring network traffic. When a browser loads a webpage with an SSL certificate installed on it, the browser will request the certificates private key (a long string of characters) which will identify it. If the browser checks and verifies the certificate is valid, it will open a secure connection between the browser and webserver and the data between the two will be encrypted. This makes it much more difficult, and in some cases impossible, for the data passing through the encrypted connection, to be interpreted outside of that secure connection. Without the installation of an SSL on a website, a malicious hacker can intercept anything a user did on a website as long they have access to the Internet connection such as public Wi-Fi.
If you’re managing and administering your own web hosting account, there are SSLs that are free (no cost) which can be installed, albeit these free SSLs require more of a manual installation process and generally come with no support in the event something goes wrong. Newer versions of Plesk include available plugins which will help make installation simple. Another drawback to free SSLs, is rather than having to renew them yearly, they need to be updated every three months. Plesk again simplifies this with automated updating of the SSLs, so if you’re using a Plesk control panel, the latest version includes an extension for these free SSLs which are provided by a non-profit Internet Security Research Group (ISRG).
Standard SSL Certificates
If you are purchasing your SSLs from Searchen Networks, there are several different types of SSL certificates available. A standard SSL certificate will allow you to protect a single website and its all you’ll need to go secure. Standard SSL certificates are backed by a $100,000 warranty against failure. You can choose to secure either “yoursite.com” or “www.yoursite.com“, but not both, so you’ll need to know which way you want your URL to appear before you even order it. Ordering the standard certificate will allow you to receive one certificate for one URL and it is issued by Starfield Technologies within five minutes simply by verifying the domain name owned by the person ordering it. Starfield Technologies is a separate entity related to our domain registrar and web hosting business. The ability to order these certificates is built into your Searchen Networks control panel. You can purchase the Standard certificates for one or more websites depending on the package you order. The system will allow you to purchase between one and five standard certificates at a time and you can choose the amount of years you want to purchase, so you do not necessarily have to renew them every year if you purchase multiple years at a time.
Wildcard SSL Certificates.
Wildcard certificates are much the same as standard certificates, while at the same time, very different. Wildcard certificates, while providing the same level of security of a standard certificate, are designed specifically for to be used on subdomains. A subdomain is anything that appears in front of a URL address, even the most common one, which is “www“. Some sites choose to use more than one subdomain and may be utilizing unique subdomains, such as “”New York” or “Florida” and will appear in a browser as “newyork.mysite.com” and/or “florida.mysite.com” and many websites running these types of URLs could have hundreds of subdomains in use. A wildcard certificate will cost a little more; however, it will allow you secure an unlimited amount of subdomains for one set price. Our wildcard certificates are also backed by a $100,000 warranty against failure. So again, if your website is using subdomains, you’ll definitely want to order the wildcard certificate to contain and limit your cost over multiple subdomain URLs. Our wildcard certificates are also provided through Starfield Technologies and you can receive your wildcard certificate in a matter of minutes, just like you can with our standard certificates. Like standard, you can order these for multiple years at a time easing the renewal process.
Premium Extended Validation (EV-SSLs)
Premium extended validation certificates are different than both standard and wildcard certificates as they are much more difficult to obtain and take longer. They also require a special verification and vetting process of the person and/or entity requesting them. A full week could go by while the information submitted it verified. These certificates include a $1,000,000 warranty against failure and require documentation such as a business organizations state or county registration documents and the driver’s license of the person requesting the certificate, even if through a business entity. EV certificates go through a complex verification process and the issuing entity (Starfield Technologies) will review all of the documentation as well as call and verify all of the submitted details with the business owner or whoever is requesting the certificate be issued. Once the verification process takes place, certain documentation will be sent to the requester and they will need to digital sign off on all of the documentation before the certificate is issued. These certificates are then installed on the web server in the same exact manner as standard and wild card certificates, however, websites that use an EV certificate will display a special green lock icon in the address bar. Some browsers, such as Internet Explorer will illuminate the entire address bar so that these certificates clearly stand out from standard certificates. This is so users can immediately identity EV SSL secured sites (usually banks and financial institutions) which desire the highest level of security and user trust. Additionally, EV certificates will typically display the company’s legal name within the address bar which also makes these certificates appear different; they allow users to immediately identify the entity behind the website as its name will be right in the browser near the lock icon.
If you are considering an SSL certificate and you are not sure which is best for your business give us a call and we can help you figure out which one is best for you taking into consideration a variety of circumstances. We also offer full service maintenance programs which will handle these types if website issues for you so you do not even need to concern yourself much with it.