How to secure your ecommerce website with a SSL certificate

How to secure your ecommerce website with a SSL certificate

Adding SSL is mandatory to make the transaction of a website secured. An ecommerce site must have a SSL certificate installed. Modern browsers will warn users when they are trying to make a transaction in a non- “HTTPS” website.

When we go to Google.com, we get a secure connection because of SSL.

Most of the beginner users of WordPress do not have idea about what SSL is. There is no need to have a master degree on SSL. As long as you know the value of installing SSL in your website you are ready to go. There is nothing too much technical. Hence, here I give a lot explanation of SSL

Defining SSL

Through the internet, we send and receive a lot of data every day. Among all of the data, there are private informations/details sent and received, which must not get in the wrong hands. When we are creating an account on a website, we send a form with data containing our personal information. To keep this data safe from hackers, there is SSL certificate. SSL stands for secure sockets layer. This gives the data connection a new secured layer which cannot be decrypted without the decryption code. To access the connection, someone must have the decryption code, but before someone uses brute force attack to break the decryption code, the data will be on its way to the server of a website or in our personal computer.

Every time someone creates a secure connection, it gets different decryption code, so it’s very very unlikely that someone will hack that encryption.

To protect data transfer between a server and users, we need to install SSL. SSL secures the connection and also SSL service itself. Different sites have different IDs, so if any website tries to pretend that it has SSL installed, the browser can easily mark the website for showing wrong SSL, or untrusted.

Before you install SSL, you need to know why you should

Google has recently declared that if a website does not have SSL installed, it will  be shown at the end of the search results. It means Google will prefer websites which are more secured over the regular  ones. To make your website optimized for search engines, you need to install SSL.

PayPal and other online payment gateways, do not let their API installed on a website unless the website has secure connection. If you are doing online business you will obviously need to install API of PayPal, MasterCard payment gateway and other gateways. To get PayPal and other payment gateways, you must have SSL installed in your website.

To earn trust of the website’s visitors,  you need to mark your website secured using HTTPS connection.  Many people who buy and sell online do know the difference between HTTP and HTTPS. It does not matter what kind of ecommerce website you own, you must install SSL to make all transactions and login secured.

HTTPS is slower than HTTP?

To say logically, yes HTTPS is slower than the HTTP but the difference cannot be measured by the average users. The difference is too little that nobody takes it seriously.

Is your website ready to install SSL?

There is no fancy stuff required to install SSL. If you are running your website in a modern version of PHP installed web server, you can install SSL.

Many hosting companies are offering FREE SSL with their hosting package. If you are the guy who wants everything to go easy, you should buy one hosting package which offers SSL within the package. The hosting provider will do all work for you. After you move your domain name to the hosting provider’s name server, your domain will have SSL installed. The hosting provider will install everything and your website will be ready to use.

Now if the hosting provider is not offering SSL with the package you can buy from a third party seller. Here you will have two options. One is getting the SSL from the companies your hosting provider is referring or you can buy on your own and then ask the hosting provider to install the SSL for you in the website.

Godaddy.com is a very popular seller of domains, hosting and SSL.  You can buy secure sockets layer service from them. There are many other companies where from you can buy it. Below the list of popular companies which sell SSL.

Choosing the best provider is very important. You need to choose one provider that is very well known.

There are many other companies selling the same service but the quality of service is not up to the mark. Installing a bad SSL is same as installing none at all.

Sometimes cheap providers can provide you the same quality of service as the popular ones offering. This is why it is better to check review of cheap providers before you buy service from them.

Installing SSL in a WordPress website

After installing the SSL on your server, you need to change the URL of your website from the WordPress dashboard. Log in to WP admin and the go to “Settings”.

On your wordpress address and site address , change the URL from HTTP to HTTPS.

If you do not change the URL of your website here then the SSL will not work.

There is another way of redirecting to HTTPS,  which is by adding a few codes in your .htaccess file.

Code:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{SERVER_PORT} 80

RewriteRule ^(.*)$ https://www.mywebsite.com/ $1 [R,L]

</IfModule>

This code will make your website redirect from HTTP page to HTTPS.

If you do not want to add SSL in entire website but only to some pages like “payment processing“ page or “log in” page, you can do  that  by  using a very easy plugin https://wordpress.org/plugins/wordpress-https/.

This plugin will allow you to use the secure connection only to specific pages and keep the secure connection off in all other pages.

3 Comments

  1. Johnson - March 13, 2015

    You have constituted right assumptions above. SSL security is quite a necessary nowadays. One more thing I would like to make edit, instead of purchasing directly from CAs, you can save few bucks at their resellers like cheapsslshop.com, ssl247.com, ssl2buy.com etc. There is the vast difference between CA price and these companies.

  2. Md Abul Bashar - January 15, 2016

    Thanks for share awesome article, but i have one question, If i using cpanel redirect option this it’s better? or bad way? can you suggest me please?

Leave a reply

0
Connecting
Please wait...
Send a message

Sorry, we aren't online at the moment. Leave a message.

Your name
* Email
* Describe your issue
    Chat now

    Need more help? Save time by starting your support request online.

    Your name
    * Email
    * Describe your issue
    We're online! Ask us anything!
    Feedback

    Help us help you better! Feel free to leave us any additional feedback.

    How do you rate our support?
      Hey you!
      Want to receive our latest freebies and articles straight to your email?
      We never spam Sparky. We hate it as much as you do!