Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Creating a Secure Website Using Secure Socket Layer (SSL)

By Marcus Lim

When setting up a website that will require payment through credit card or that will require clients to provide sensitive personal information, it is important you apply ask for a minimum level of security form your web hosting or domain registration service provider. That way, you can make it much more difficult for your clients or your business to fall prey to identity thieves and credit card scammers. One protocol that has effectively become the de facto standard for website security is Secure Socket Layer (or SSL). The basic concept behind the SSL technology is establishing a secure connection between the end user and the website and thereafter encrypting any information exchanged between the end user and the website.

SSL technology works by the use of internet keys with a private and a public key required. When an end user contacts an SSL secured website, there is an exchange of these keys in order to establish the identity of both parties for the rest of the data transmission session. Once a client logs into a website that is secured through SSL, the computer they have logged in from receives the public key from the website and in turn sends an encryption key to the web hosting server. The key from the client's computer triggers the release of a password that is sent to the client's computer that is decrypted by the client's computer hence ensuring that the exchange of information is only done between the client's computer and the web hosting server for the website.

The successful exchange of keys is sometimes referred to as a digital signature. Once these keys are exchanged and the session established, clients can safely key in their personal information without the fear of data interception or session hijack between their computers and the web hosting server. The use of keys means that the data is encrypted using the public key but can only be decrypted by a corresponding private key held by the final recipient of the data. When you use a web hosting or domain registration that either provides or facilitates SSL security, users can come to your website with greater assurance of the integrity of any data exchanged.

One of the things that makes SSL technology so reliable is the fact that best practice requires the use of a third party authentication company such as Verisign or Thawte to complete authentication. You as the website owner in liaison with your web hosting or domain registration service provider can first secure your website by creating a private and public key as a first step. You then need to contract the third party authentication providers to further encrypt your public code using their third party private key in order to provide the tertiary security that cannot be deciphered even by you as the website owner. Before accessing this service, the third party authentication providers will require proof of ownership of the web hosting server as well as confirmation that you are the owner company as indicated in the domain registration data.

Steps on how to make an SSL secured website

First develop a standard website by using HTML, PHP, ASP or any other web development language that you prefer.
Once your website is ready, you will then go through the normal process of domain registration and procuring the services of a web hosting provider.
It is only after you do this that you will go ahead to purchase SSL certification from the third party SSL companies such as GoDaddy SSL, Comodo, Thawte, Verisign etcetera. Many domain registration and web hosting companies are also agents for selling SSL certification. Therefore, you can easily purchase your SSL certification through your web hosting company. The SSL company will simply verify your ownership and confirm details of the company before completing the process of securing the website.
Once the SSL certificate issuer has verified ownership and authenticity of the website, they will provide you with the symbols you can use to identify that your website has been secured by them.
SSL websites start with the prefix "https://" as opposed to the regular "http://". They will also have a symbol such as a padlock but the actual symbol is dependent on the web browser the end user has.

Pace Work Technologies is a fast web hosting company and a domain registration company.

More Web Design Coding Issues:
• Create a Simple, Effective PHP Form for Your Web Site
• Video - HTTP caching
• Web Design Troubleshooting Guide
• Video - Optimizing the Order of Scripts and Styles
• What is AJAX?
• Update Your Entire Website Instantly Using Server Side Includes (SSI)
• Various Types of Website Hacking
• Advantages and Disadvantages of Frames
• Six Ways to Center an Element on a Webpage
• Syndicate your own content Using aspSyndicator
Menu - More
Website Coding Issues

RSS Feed RSS Feed

Follow Stephen Bucaro Follow @Stephen Bucaro


Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2024 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268