SITE SEARCH

Free HTTPS certificate: receipt instruction

If you collect any important information onyour website (including email and password), then you need to be safe. One of the best ways to secure yourself is to enable the HTTPS certificate, also known as SSL (Secure Socket Layer), so that all information coming to and from your server is automatically encrypted. HTTPS certificate prevents hackers from hacking confidential information of your users while storing it on the Internet. They will feel safe when they see the HTTPS certificate when they access your site, knowing that they are protected by a security certificate.

Advantages of HTTPS certificate

The best thing in an SSL certificate, like in HTTPS -this is something that it's easy to configure, and once this is done, you will need to direct people to use the HTTPS certificate instead of HTTP. If you try to access your site by placing https: // in front of your URLs right now, you will receive an error message about the HTTPS certificate error. This is because you have not installed the SSL HTTPS certificate. But do not worry - we'll set up right now!

Your visitors will feel safer on your site when they see the HTTPS certificate when they access your site - knowing that it is protected by a security certificate.

HTTPS certificate

What is HTTPS?

HTTP or HTTPS are displayed at the beginning of eachWebsite URLs in a web browser. HTTP is the protocol for transferring hypertext, and S for HTTPS is Secure. In general, this describes the protocol by which data is sent between your browser and the website that you are viewing.

The HTTPS certificate ensures that all communication betweenYour browser and the website you are viewing are encrypted. This means that it's safe. Only receiving and sending computers can see the information when transmitting data (others can access it, but will not be able to read it). On secure sites, the web browser displays a lock icon in the URL area to notify you.

HTTPS should be on any website thatcollects passwords, payments, medical information or other confidential information. But what if you can get a free and valid SSL certificate for your domain?

How does the protection of the website work?

To enable the HTTPS security certificate, youyou need to install SSL (Secure Socket Layer). It contains the public key, which is necessary for the safe start of the session. When an HTTPS connection with a web page is requested, the site sends an SSL certificate to your browser. Then they initiate an "SSL handshake", which includes a "secret" separation to establish a secure connection between your browser and the website.

HTTPS certificate

Standard and Advanced SSL

If the site uses a standard SSL certificate,you will see a lock icon in the browser URL area. If you use the Extended Validation Certificate (EV), the address bar or URL will be green. EV SSL standards are superior to SSL standards. EV SSL provides the identity of the domain owner. Obtaining an EV SSL certificate also requires applicants to undergo a rigorous evaluation process to confirm their authenticity and ownership.

What if I use HTTPS without a certificate?

Even if your website does not accept or transmitthere are several reasons why you might want to have a secure website and use a free and valid SSL certificate for your domain.

Performance. SSL can improve the time it takes to load a page.

Search Engine Optimization (SEO). The goal of Google is to have the Internetsafe and secure for everyone, not just for those who use Google Chrome, Gmail and Drive, for example. The company said that security will be a factor in how they rank the sites in search results. While this is not enough. However, if you have a secure website and your competitors do not, your site can get a higher rank, which may be necessary to increase its popularity from the search results page.

If your site is not secure and it collects passwords orcredit cards, then users of Chrome 56 (released in January 2017) will see a warning that the site is unsafe. Visitors who are not familiar with the technology (most users of the website) may be alarmed when they see the "HTTPS certificate error" window and leave your site, simply because they do not understand what it means. On the other hand, if your site is protected, it can make visitors more at ease, which will increase the likelihood that they will fill out the registration form or leave a comment on your site. Google has a long-term plan to show all HTTP sites as unsafe in Chrome.

HTTPS certificate

Where can I get a free HTTPS certificate?

You receive an SSL certificate from the certification authority. Such certificates are valid for 90 days, but an extension of 60 days is recommended. Some reliable free sources:

  • Cloudflare: free for personal sites and blogs.
  • FreeSSL: free for non-profit organizations and start-ups at the moment; It can not be a Symantec, Thawte, GeoTrust, or RapidSSL client.
  • StartSSL: Certificates are valid for 1 to 3 years.
  • GoDaddy: certificates for open source projects are valid for 1 year.

The certificate type and its validity period depend onsource. Most authorities offer standard SSL certificates for free and charge for EV SSL certificates if they provide them. Cloudflare offers free and paid plans and various additional options.

HTTPS certificate

What should I consider when I receive an SSL certificate?

Here Google recommends a certificate with a 2048-bit key. If you already have a 1024-bit certificate that is weaker, it recommends updating it.

You will need to decide whether you need one, multiple domains or a group certificate:

  1. One certificate will be used for one domain (for example, www.example.com).
  2. A multi-domain certificate will be used for several well-known domains (for example, www.example.com, cdn.example.com, example.co.uk).
  3. A wildcard certificate will be used for a secure domain with many dynamic subdomains (for example, a.example.com, b.example.com).

ssl https certificate

How do I install an SSL certificate?

Your web hosting can install a certificatefree or for a fee. Some hosts actually have the option to install Let's Encrypt in their personal cPanel office, which makes it easier to work in. Ask your current host or find one that offers direct support for Let's Encrypt. If the host does not provide this service, your website maintenance company or developer can install a certificate for you. You should be prepared for the fact that you will have to update the certificate very often. Check the timeframe with the certificate.

HTTPS certificate

What else needs to be done?

After you receive and install the SSL certificate, youYou must force SSL on the site. Again, you can ask your web host, service company or developer to perform this action. However, if you prefer to do this yourself, and your site runs on WordPress, you can do this by downloading, installing, and using the plug-in. With the latter option, be sure to check compatibility with your version of WordPress.

Two popular plugins for compulsoryuse SSL: simple SSLWP, forced SSLSSL-plugin. Be sure to back up your site and be very careful when doing this. If you misconfigure something, it can have deplorable consequences: visitors will not be able to see your site, images are not displayed, scripts are not loaded, which will affect how some things on your site function, for example, typography and colors are not displayed properly way.

You need to redirect users and search enginessystem to HTTPS pages using 301 redirects in the .htaccess file in the root folder on the server. The .htaccess file is an invisible file, so make sure that your FTP program is configured to show hidden files. In FileZilla, for example, go to Server> Force Hidden Files Scan. FileZillaBefore, before adding redirects, it would be nice to create a backup copy of the .htaccess file. On the server, temporarily rename the file, deleting the period (which makes it invisible in the first place), download the file (which will now be visible on your computer as a result of deleting the period), then add the period back to that on the server.

HTTPS certificate

Edit Google Analytics Settings

After completing these steps, you need toChange the preferred URL in your Google Analytics account to display the HTTPS version of your domain. Otherwise, the statistics of your traffic will be disabled, because the version of the HTTP URL is perceived as a completely different site from the version of the HTTPS certificate. The Google Search Console treats HTTP and HTTPS as separate domains, so add the HTTPS domain account to it. Remember, when you switch from HTTP to HTTPS certificate, if there are special access buttons on your site, the counter will be reset.

</ p>
  • Rating:
    • READ THEME
    The HTTPS protocol - what is it?

    The HTTPS protocol - what is it?

    SSL certificate for the organization: what is it?

    SSL certificate for the organization: what is it?

    How to make a redirect from http to https, and why is it needed?

    How to make a redirect from http to https, and why is it needed?

    How to make an HTTPS connection? What is the difference between sites on HTTPS or HTTP?

    How to make an HTTPS connection? What is the difference between sites on HTTPS or HTTP?

    What is an HTTPS port, and what are the ways to open it

    What is an HTTPS port, and what are the ways to open it

    What are the advantages and disadvantages of a savings certificate?

    What are the advantages and disadvantages of a savings certificate?