Secure My Site!


If you are sharing or collecting any kind of private data on your website (such as credit cards, social security numbers, dates of birth, private account information for your member area, order information or etc.), your top most concern should be ensuring the private data you are collecting and sharing is kept secure. One of the best ways to do that is to create a secure area on your website where your customers can access that private data.

On websites this secure area is created by purchasing an SSL certificate. After you have the SSL certificate, you access this secure area by browsing to your website via https://mywebsite.com instead of http://mywebsite.com (note the additional "s" in the first link). Also, when the site visitor is on the secured part of the website, with a valid SSL certificate, the visitor will see the lock icon in the browser which tells the visitor that this part of the website is secure.

Okay, that is all great but how does the SSL certificate actually create this secure area?

First, when you access a page that is protected by an SSL certificate the browser will verify that you are actually on a trusted website with a  valid SSL certificate. If you attempt to access an invalid SSL certificate, the web browser will give you an appropriate error message.

What kind of error messages? Let's say you access a website with an expired SSL certificate. When you do that, your browser will detect that the website's security is expired and give you an appropriate warning. In most browsers, once you get that warning you are prevented from sharing any private data since the SSL is no longer valid.

As another example, let's say you are on a website that tries to fake the secure area. For example, my website doesn't have any need for a secure area so I don't have an SSL certificate. As a result, if you try to go to https://qwconsulting.com you will receive an error message telling you that this is not valid. In other words, the browser knows that this isn't really secure and prevents you from getting there.

Getting back to how SSL certificates work: Once the browser has verified the SSL certificate and verified you are on a trusted website, a secure socket is created to allow for the communication between the browser and the website (the SSL stands for "Secure Sockets Layer"). This layer ensures that all data sent by your visitor (such as a credit card number) is only sent to your website and not to any hackers. In addition to that secure communication, the SSL also encrypts the data on the website. That way nobody, except the site visitor visiting the site legitimately, can actually access that data.

For more on SSL certificates, or to setup a secure area on your website, contact QW Consulting today.

Stay Updated

 Add to My Yahoo! Add to Google  Bookmark and Share