Advertisement!…

Are you still looking for an affordable Cloud Web Hosting Service Provider with a particular emphasis on speed, scalability and security? Then EagleProHost.com may be for you!

Why your site needs a SSL Certificate and Why you should use SSL Checker

Just to name a few benefits: 

  • SSL Certificates Secure the Transfer of Data. It's important to secure data that's submitted to your web server from your users, especially if that data is sensitive in nature.
  • An SSL Certificate has SEO Benefits.
  • SSL Certificates Earn Your Users' Trust.

In other words, an SSL Certificate is nowadays a must have, not only for a respected online shop, but also for any website at large. SSLs are widespread on web pages where users sign in to a backend area. Even Google has also openly confirmed its preference for websites whose traffic is redirected to HTTPS. 

But even with those recommendations and the benefits SSL Certificate may bring to a site, many site owners are just not interested in having it installed in their sites.

Sadly, I have noticed that many Government, University or even some Financial Institution owned Sites lack SSL Certificate on their sites, and if any, it's wrongly installed or it does not redirect their pages to https://.

Just think about it. If you or your hosting provider have installed a SSL Certificate for your site, the first thing you should do is to check if your SSL Certificate is correctly installed and if it's redirecting all pages to https://.

You can always Google the keyword "ssl checker" and you will see a lot of options to choose from. And if your pages are not redirecting to https://, you can simply use the .htaccess code below to fix the problem.

How to force SSL with .htaccess

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

You see, nowadays, most Web Hosting Companies offer Let's Encrypt Free SSL Certificates for their clients. So why not take advantage of it? I mean, lets face it. If evil minded people can hack a site that has a SSL Certificate installed, what do you think can happen to a site that has not?

But in this article, I will be talking to those whose websites are being hosted in Hepsia Control Panel.

So what is Hepsia Control Panel all about? 
The Hepsia Control Panel is the brainchild of a group of talented web developers who believed that everyone should be able to manage their websites, domain names and billing transactions with ease from a single location.

But this team of talented web developers didn't stop there, they went ahead and added SSL certificates section of the Control Panel which now offers a more simplified and intuitive interface for managing your SSLs.

Which means, you as a website owner, can now generate and add SSL certificates from one place with a click of the mouse.

Plus, the SSL generation procedure itself has been streamlined to help you get your certificate faster and easier.

What are the new SSL section updates about?

SSL certificates are a very effective tool for safeguarding your commercial website and creating trust with your audience.

In recent years SSL certificates have also turned into an important ranking factor as well, with search engines prioritizing ‘https’ sites over non-http ones.

This has made SSL certificates one of the most sought-after services on our platform, which has created a need for some improvements to the way SSL are obtained and managed.

Here is what those improvements are about:

All SSL operations under one roof

So far, the SSL generation procedure has been split between the ‘hosted domains’ section (the “Edit host” option) for domains hosted on our platform and the ‘SSL certificates’ section of the Control Panel for domains hosted somewhere else.

Managing the existing SSL installations has been done through the SSL certificates section.

With SSLs gaining momentum, it has become necessary to make it easier for users to handle the growing number of SSL they have.

For this reason, we’ve moved all SSL generation and management operations under one roof.

This way, you will now be able to easily request and manage SSL certificates from just one place.

SSL certificates organized into two tables

For the sake of convenience, SSL certificates have now been organized into two tables.

On the top of the screen you can see a table of all active domains and subdomains, which are hosted in your account, no matter if they have SSL installed or not:

From there, you will be able to manage all existing SSL certificates with a click of the mouse.

Moreover, you will be able to easily add SSLs to selected hosts, which would help scale up SSL sales for your store:

Scrolling down you will see a table with all domains, which are registered with us but are hosted outside your account, or domains which do not resolve properly for some reason.

Again, you will be able to generate SSL certificates for them or manage the existing installations.

Different SSL scenarios

Depending on the particular SSL case, hosts will be listed in the aforementioned tables like this:

  • A domain with an active SSL – the following information will be listed per certificate: status, expiration date, SSL type (regular/Let’s encrypt); from the ‘details’ column, the user will be able to download the given certificate’s details (CSR, private key, certificate, CA bundle);

  • A domain with a non-active SSL (ordered from us) – a special icon will mark the inactive status of the SSL; the user will need to click on the icon in order to activate the SSL; a modal window will allow them to select the shared/dedicated SSL they want to install the SSL on;
  • A domain without an SSL – a special ‘add SSL certificate’ link will let the user order a regular SSL, request a ‘‘Let’s encrypt’ certificate or upload an SSL, which has been obtained from somewhere else.

Please keep in mind that If you have an SSL installed for a given host, that host will only be able to use an ‘SSL-friendly’ IP address.

So if, for example, you want to point an SSL-installed host to the shared IP of the hosting account (from the ‘edit host’ option in the ‘hosted domains’ section), you will need to deactivate that SSL first.

You can do that by using the “deactivate” icon in the table:

Types of SSL certificates you can obtain and manage on our platform

From the Control Panel, you can order a regular SSL certificate or request the installation of a ‘Let’s encrypt’ certificate.

Both ‘Let’s encrypt’ and regular SSLs will do the encryption job that is expected of them to protect your sites against interception and eavesdropping.

So, your choice will solely be determined by the type of site you manage and hence your security needs.

Here is what you need to consider when choosing an SSL certificate:

‘Let’s encrypt’ certificates – really quick and easy to install. Perfect for non-commercial sites, blogs or photo galleries. Valid for only 90 days and must be renewed before they expire. On our platform, ‘Let’s encrypt’ certificates are renewed automatically, so you won’t have to worry about that.

Regular SSL certificates – include a warranty against misuse or mis-issuance. Suitable for e-stores or enterprise sites, which need warranty-equipped SSL certificate issued by an established CA. Valid for at least one year and can be purchased for more years in advance.

Third-party certificates – if you have an SSL certificate purchased from somewhere else, you can upload it to a selected host with a click of the mouse.

Note:

Apart from being a powerful security feature, SSL certificates are also a great trust indicator and a search ranking factor for websites.

With the newly improved SSL certificates section of the Control Panel, you will now be able to add and manage multiple SSLs from your account much easier than before.

Let’s Encrypt-based SSL certificates now free in the Control Panel

Introduced back in 2016, Let’s Encrypt represents a free open certificate authority (CA), which provides website owners with digital certificates for enabling HTTPS (SSL/TLS).

It was launched by the Internet Security Research Group (ISRG), a public-benefit organization sponsored by the Mozilla Foundation, the Electronic Frontier Foundation (EFF) and Cisco Systems, with the aim of making HTTPS encryption both affordable and user-friendly.

Their main goal is to create a more secure, privacy-driven web.

Let’s Encrypt certificates are:

  • free to use: each domain name owner can obtain a trusted certificate at absolutely no cost;
  • automatic: the certificate setup and renewal procedures are fully automated; no human intervention is needed;
  • simple to use: there are neither payments to make nor validation emails to respond to;
  • secure: Let’s Encrypt serves as a platform for implementing the latest security practices;
  • fully transparent: all issued certificates are publicly available for anyone to view;
  • open: the issuance and renewal protocol is published as an open standard that can be adopted;
  • ‘self-regulated’: Let’s Encrypt is a joint community effort, beyond the control of any organization;

What are the differences between regular and Let’s Encrypt SSLs?

Let’s Encrypt offers you a free and automated way of obtaining SSL certificates for your sites, so you may ask yourself: “Why would I ever go with a regular SSL certificate?”.

Just like regular SSL certificates, Let’s Encrypt certificates offer basic SSL encryption, i.e. they give site visitors assurance that they are exchanging information with the domain that is visible in the address bar and that their personal data (login details, credit card information, etc.) cannot be eavesdropped.

Also, Let’s Encrypt certificates are trusted by all major browsers.

If a site is using a Let’s Encrypt SSL, you will see “https://” at the beginning of the URL in your browser’s address bar, along with a green padlock.

So, what Let’s Encrypt certificates offer, is a secure communication most site visitors will feel comfortable with.

However, as a business entity, you may also need a certain security guarantee against online abuses and this is where commercial SSLs kick in.

Read further below to learn more about the differences between a Let’s Encrypt certificate and a regular SSL:

    • Warranty: Let’s Encrypt certificates do not include a warranty against misuse or mis-issuance, whereas regular SSLs do. While this may not be a problem for smaller websites, for larger organizations most probably will.
    • Wildcard Certificates: Let’s Encrypt does not offer wildcard or multi-domain certificates, whereas traditional CAs usually do.
    • Validity Period: Let’s Encrypt certificates are only valid for 90 days and must be renewed before they expire. Most regular SSL certificates are valid for at least one year. HTTPS site owners can also choose a longer validity period (3, 5, etc. years). On our platform, Let’s Encrypt certificates are renewed automatically, so you won’t have to worry about that.
    • Support: Let’s Encrypt does not offer assistance with creating or installing SSL certificates. Only community help is available.This can be an issue for organizations that need to quickly equip their business sites with an SSL. However, this could be easily curbed with a quick re-generation and re-installation of the problematic Let’s Encrypt SSL.

    A Let’s Encrypt certificate or a commercial SSL – the final verdict

    Both Let’s Encrypt and commercial SSLs will do the encryption job that is expected of them in order to protect your sites against interception and eavesdropping.

    So, your choice will solely be determined by the type of site you manage, which in fact defines your security requirements.

    If you own a non-commercial site, a blog or a photo gallery, or just need a quickly configurable, simple and free SSL certificate that you can obtain with minimum effort, then Let’s Encrypt is the way to go.

    If you run an e-store or an enterprise site, then you will need to invest in a paid, warranty-equipped SSL certificate issued by an established CA.

    Due to Google’s recently voiced intent to give HTTPS sites higher search rankings and the subsequent rise of authorized SSL resellers, the prices for commercial SSLs have been going down steadily.

    Today, every e-commerce website owner can obtain an affordable commercial SSL certificate from a reputable authority.

    We’ve already lowered the prices for both regular and wildcard certificates and are doing our best to make sure you get the best security insurance on the web.

    How do I enable a Let’s Encrypt SSL certificate for my site?

    You can request a Let’s Encrypt certificate for your sites with a click from the Hosted Domains section of the Control Panel.

About Us

We are a small team of well-trained professionals, dedicating our time to web design & development, graphics & logo design, and online marketing services for all types of businesses.