web hosting

Securing Your Business Website in Three Easy Steps

Whether it’s the local shopping market, airport or online, thieves are lurking and just waiting for you to make a critical mistake.  In fact, much of the internet community is in a state of panic as data theft is at an all-time high.  Credit card numbers, bank account information and identities are being stolen from companies who don’t know how to properly secure their website and transactions.  Assuming you don’t want to be the next victim, we have provided three simple tips to keep you one step ahead of the attackers.

1.) Make Use of Encryption

In order to protect the monetary transactions occurring on your site, you at least need to have an SSL certificate with no less than 128-bit encryption.  This security tool can be installed and managed by a third-party vendor such as VeriSign or you can choose to handle the configuration yourself.  What SSL does is scramble the data being sent over the internet in a code that is unreadable to hackers.  Thus, when sales on your website are made, the financial details of your customers is encrypted, securely transmitted and then decrypted by your payment processor.  By placing an SSL certificate seal on your website, you can calm the nerves of consumers and encourage them to shop your store in confidence.

2.) Check Your Buyers

Although you don’t want to look as if you are suspicious of everyone, the prevalence of credit card payments increases the probability of a customer using someone’s financial information without their knowledge or approval.  To minimize situations like this, you should check the identity of your customers.  This can be done by not only obtaining their name and credit card number, but also their home address, telephone numbers and the security code located on the back of the actual credit card.  By doing so, you can better assure that the financial details submitted actually belong to the individual making the purchase.  If the card comes back as stolen, you could end up playing a role in helping authorities track down the criminal.

3.) Research Your Merchant

To ensure that financial information will not be stolen following the transaction, it is imperative that you run a thorough check of the merchant account provider processing your credit card payments.  You can start by reading reviews to learn if they have a history of fraud or security issues.  Don’t hesitate to speak to the company directly about the security measures they employ and most importantly, to make sure you are completely confident in their services.  If you have any doubts about the provider, follow your instinct and move on to the next option.

Security is a hot topic in seemingly every industry these days.  If you are using the internet as a medium for your business, these certainly are not times when you can just sit back and simply hope for the best.  Hackers and their attacking mechanisms grow more advanced everyday, so it is critical that you take the appropriate actions to keep both you and your customers out of harm’s way.

How to Install osCommerce and Activate SSL Through cPanel

osCommerce is one of the most widely used e-commerce shopping cart programs available on the market today.  It is also an application that can be easily installed via Fantastico in your cPanel control panel.  To help you in maximizing the benefits of this software, we  will not only walk you through the steps of installing osCommerce, but also show you how to configure it to use with your dedicated or shared SSL certificate to ensure that your website transactions are secure.

osCommerce Installation

- Login into your cPanel account and click on the Fantastico icon at the bottom of the main page.

- Navigate to the “E-commerce” section and click on the “osCommerce” link.

- Next, click on the “New Installation” link.

- Now you must go through a multi-step process in order to define the installation location:

Step 1: Choose your domain from the provided drop-down menu.

Step 2: Enter the name of the directory where you want osCommerce to be installed.

Keep in mind that the “install in directory” field is the one part where several users make critical mistakes.  Enter a single phrase of the new folder that will be created for the osCommerce application.  If you try to add dashes, the installation will fail every time.

Step 3: Return back and double check the information you entered in the above field.  If you want your customers to access your store when visiting “http://yoursite.com,“ you would then leave the “Install in Directory” field blank.  On the other hand, if you already have an existing website, you want to enter a given directory name in that field.  For example, if you decide to use “store” as the name of the directory, customers would access your osCommerce store by visiting “http://yoursite.com/store”.

- After entering the required information for the installation destination, enter a user name and password for your osCommerce administrative area.

- Next, enter the name of your store, an owner name, and valid email address.

Activate SSL

Once you have the installation destination squared away, the proceeding steps are self explanatory.  The SSL process deserves a little more detailed explanation.

- Set the “Use SSL” option to”Yes”

- Enter the hostname for your secure server.

If you have a dedicated IP address and SSL certificate for your website, simply enter your domain name in the next field.  If not, just use the server name entered above.

- Choose the information you want to require from your customers.  You will see that these options are pretty straightforward and can be either set to “Yes or “No.”

- After entering the information, click on the “Install osCommerce” tab.

- Lastly, on the next page click “Finish installation”.

You have now successfully installed the osCommerce shopping cart program equipped with an SSL certificate for security.  Now all you have to do is the click the provided link or type the appropriate URL into your browser to log in and set up your online store.

SSL For Your E-commerce Site

With credit card fraud and identify theft on the rise, consumers are more cautious than ever about shopping online.  If you are running a store online, this means that potential customers are more reluctant to buy products and services from your site.  In order to boost consumer confidence and make them feel safe, you need a reliable security mechanism that keeps their personal information secure.  What you need is an SSL certificate.

What is an SSL Certificate?

Secure Sockets Layer or SSL, is a security protocol that enables encrypted communications between the customer’s web browser and the server your store is hosted on.  This is accomplished by what is known as a handshake, a process where the server’s identity is confirmed and a secure connection created.  SSL typically offers 128-bit encryption, formulated by an algorithm which generates a key that is virtually impossible to crack.  An SSL certificate shows that your site is secure and safe for shopping.

How to Get a Certificate

SSL certificates are offered by entities known as Certificate Authorities, with the most popular being GoeTrust, Thawte and Verisign.  For the most part, these authorities provide certificates that give you the same level of security.  A single certificate can encrypt the data traveling between the server and each of your customers’ web browsers.  The average online storefront can get adequate protection from a basic SSL certificate.  You also have the option to purchase additional services to strengthen the level of security.

Installing the Certificate

Although many web hosting providers offer SSL certificates as add-on products, you typically have the freedom to incorporate one purchased from a third-party vendor as well.  In most cases, you can learn how your SSL certificate is to be installed via the instructions in the control panel software or by contacting the host’s technical support department.  Some of the most advanced control panels even allow you to incorporate an SSL certificate directly from the interface.  Once installed, the certificate is automatically enabled.  You will know it is activated when noticing “HTTPS” in front your URL rather than “HTTP”.

Designing for SSL

The design of your site is very important when implementing an SSL certificate.  In order for your web pages to be viewed as secure, all scripts, graphics and media elements must be deemed secure as well.  You have probably visited web sites where a warning displays stating that some of the elements of a particular page are not secure.  These messages are prompted when external elements of a web page are not called using the HTTPS protocol.  In many cases, the certificate is valid and secure but the page isn’t designed properly for SSL.  All the external elements of your page must be called using links that include the full URL.  One simple graphic that doesn’t use HTTPS will generate a “not secure” error.

Conscious online shoppers are increasingly looking for SSL certificates and if you don’t have one, you are missing out on a lot of business.  You can have some of the most beneficial products online but if no one feels safe buying them, they will hesitate to proceed with the transaction.

VeriSign Passes a Tremendous Milestone

Security is one issue that is on the mind of millions of website owners throughout the world.  It’s good to know that more people are paying attention to the risks and have taken the steps needed to secure their sites.  Earlier this year, VeriSign Inc., the leading online security and infrastructure company, reached a tremendous milestone with more than one million current SSL certificates.  Deployment of the one millionth active SSL (Secure Sockets Layer) certificate attributes to the solid security used by well over 90% of today’s Fortune 500 Companies and some of the largest banks in the world.

Chris Babel, senior vice president at VeriSign, notes that consumers need a greater level of assurance that the sites they visit online are safe to do business with.  The milestone of one million active SSL certificates demonstrates the firm’s presence in the industry.  Babel went on to state that VeriSign will continue to collaborate with its industry peers and help customers find most secure places for making purchases online.   Already responsible for securing more servers than any other internet security company, the VeriSign Secured Seal has become the most trusted of all on the web.

SSL certificates issued by VeriSign include VeriSign, GeoTrust and Thawte, all of which help to safeguard consumers against fraudulent websites by providing and validating information about the owner of the certificate. Consumers can learn the identity of the person they are dealing with and if the certificate holder is the legal owner of the domain name.  Most of all, these SSL certificates encrypt the customer’s personal information during internet transactions.   When a consumer visits a site equipped with such a certificate, their browser will display a padlock icon as well as HTTPS in the address bar.  This enables visitors to browse a web page with a greater level of confidence, helping them to feel comfortable about dealing with a legitimate site.

The most widely recognized of all, the VeriSign Secured Seal gives indication that a particular web page is protected with a brand of SSL certificate issued by VeriSign itself.  Throughout the world, this seal represents trust and security, one that has become a common fixture to validate leading online merchants, financial institutions and other prominent businesses on the internet.

A recent study conducted by TNS Research shows that 79% of online shoppers in the United States are familiar with VeriSign’s Secured Seal, trusting it more than other mark on the internet.  This seal is viewed well over 150 million time each day, thoroughly tested and proven to help boost online transactions by as much as 31%.  The study also reveals that the VeriSign Secured Seal can be found on more than 90,000 sites in over 140 countries across the globe.

Since the late 90s, VeriSign has been providing services for a reliable internet infrastructure to secure the huge world of networked computers.  Countless of times each day, its trusted SSL certificates and recognizable seals help businesses and consumers from worlds apart engage in secure E-commerce transactions with the utmost confidence.

SSL for Your Online Store

E-commerce has taken off for one reason: it gives millions of people the opportunity to generate consistent streams of income online.  However, making money with E-commerce is virtually impossible when shoppers do not feel safe doing business on your website.  This is why it’s extremely important to make sure your site is secure and armed with SSL.

What is SSL?

Secure Sockets Layer or SSL, was introduced in 1994 and has been declared as the standard for securing E-commerce transactions.  SSL is a protocol that encrypts credit card numbers and other sensitive information by scrambling the data so it can not be accessed by eavesdroppers.  More than likely, you have visited a few sites protected with SSL encryption as it is typically indicated by a URL that starts with HTTPS opposed to HTTP and a padlock icon located on the top or bottom of the web page.  SSL works with a browser such as Firefox, encrypting the online transaction with 40-bit or 128-bit algorithms.  However, a browser can’t fully secure these transactions on its own so you must do your part as a business owner.

SSL Certificates

As the administrator of an E-commerce site, one of the most powerful security tools in your arsenal is an SSL certificate.  This mechanism lies on a secure server with the sole purpose of encrypting data and identifying you as the owner of a legitimate website.  The SSL certificate will tell potential customers who the certificate holder is along with the name of the CA (Certificate Authority) and the country it was issued in.

SSL certificates generally come with 40-bit or 128-bit encryption schemes.  Because the 40-bit variation has been proven as vulnerable, you should certainly invest all of your efforts in a 128-bit certificate.  While there are many ways to go about obtaining this level of encryption, VeriSign, a leading SSL certificate provider, reports that one needs a server-grade cryptography certificate in order to enjoy full 128-bit protection.

There are essentially two ways to get a valid SSL certificate: purchase one from a legitimate Certificate Authority or self-sign it yourself.  Though self-signing saves you the time and money of using a reputable vendor, it actually defeats the purpose of having such a mechanism in the first place.  While the data may be actually encrypted, a self-signed SSL certificate could also trigger a warning in the consumer’s browser, indicating that it isn’t recognized as legitimate.

Even though some people feel comfortable on certain sites and proceed anyway, several more click away as fast as they can.

It’s no secret that a website that establishes trust and security is more likely to profit than one that doesn’t.  Recent studies conducted by Verisign reveal that easily identifiable SSL certificates have a direct impact on increased internet sales.  The research found that fewer shopping carts are abandoned when consumers feel more comfortable with certificates that appear to be in good standings.

The internet is all about anonymity and if you can’t prove who you say you are, it will be hard to establish trust with your visitors.  With SSL encryption you can ensure integrity and the security of your online transactions.  As scams and other exploits are a common thing, SSL has become a tool you simply can’t do without.