Tag Archives: ssl

System Engineering

How To Redirect HTTP URLs to HTTPS Via .htaccesss File?

Leave a comment

After the SSL is installed on your domain name, you will need to redirect all non-secure HTTP links to their secure HTTPS connection for several important reasons.

For any website to work over SSL, there are some modifications you will need to make to your .htaccess file, and then it will redirect your visitors to the HTTPS version of your website. To start with the process of HTTP redirection simply login to your Sangkrit.net account and follow these steps:

  1. Go to your product page.
  2. Under the Server, click Manage for cPanel
  3. In the Account Dashboard, click File Manager.
  4. In the cPanel File Manager, click Settings.
  5. Make sure that Show Hidden Files (dotfiles) is checked, and click Save.
  6. Click on public_html, and open your .htaccess if you already have one. If not, click File+, name the file .htaccess and click Create New File.
  7. Select the .htaccess file, and click Edit.
    • If you just created your .htaccess file, use this code:
      RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{HTTP_HOST} ^(www\.)?coolexample\.com RewriteRule ^(.*)$ https://www.coolexample.com/$1 [R,L]
    • If your .htaccess file already exists, insert the lines that begin with ReWriteCond and RewriteRule directly after the already existing ReWriteEngine On.
    • Click Save Changes and Close. 

That’s it. Visit your website and you’ll be re-directed to the HTTPS version.

How To Redirect HTTP To HTTPS In WordPress?

  1. Log into your WordPress Dashboard.
  2. Visit Settings, click General.
  3. Locate the following fields:
    • WordPress Address (URL)
    • Site Address (URL)
  4. In each field, update your URLs from http to https
  5. Scroll down and click Save Changes.
  6. Open your current .htaccess file in the /public_html/ folder with the cPanel file manager for editing. If you don’t already have a .htaccess file, you’ll need to create one.
  7. Insert the following code at the top of your .htaccess file:
  8. Click Save Changes at the top-right corner of the screen.

In some cases, you will need to edit your .htaccess file, if you don’t want that then use a WordPress plugin like Really Simple SSL. This saves you from the technical steps edit file editing on the server.

System Engineering

The Importance Of Redirecting HTTP To HTTPS After Installing SSL

Leave a comment

Redirecting HTTP to HTTPS after installing an SSL Certificate is important as both HTTP and HTTPS versions start to work simultaneously on your website and most of your traffic continues to land on the old HTTP version. It is crucial for several other reasons as well –

  1. Website Security: HTTPS encrypts data transmitted between the user’s browser and your website, making it secure and protecting sensitive information such as login credentials, payment details, and personal data. If your website is accessible via HTTP, users’ data may be vulnerable to interception and tampering.
  2. User Experience: Search engines like Google prioritize HTTPS websites in their search rankings. This means that redirecting to HTTPS can improve your website’s visibility and attract more organic traffic. Additionally, users are becoming increasingly aware of the importance of online security and are more likely to trust and interact with websites that use HTTPS.
  3. Compliance: Many industries and regulatory bodies require websites to use HTTPS to protect sensitive data. By redirecting HTTP to HTTPS, you ensure that your website complies with these regulations.
  4. Mixed Content Issues: When a webpage loads content over both HTTP and HTTPS, it can cause security issues and disrupt the user experience. Redirecting to HTTPS ensures that all content is loaded securely.

Methods Of Redirecting HTTP to HTTPS

There are several ways to redirect HTTP to HTTPS, including:

  • Using server configuration: Most web servers (like Apache and Nginx) allow you to configure redirects using their built-in features. This method contains some very technical steps.
  • Using a .htaccess file: If you’re using Apache, you can create a .htaccess file in your website’s root directory and add a redirect rule. This method is easier in comparison to the above method.
  • Using a plugin or tool: Many content management systems (CMS) and web hosting providers offer plugins or tools that can automatically redirect HTTP traffic to HTTPS. This is the easiest one, WordPress users can simply use the ‘Really Simple SSL’ plugin.

Redirecting HTTP to HTTPS is essential for ensuring the security, user experience, compliance, and overall success of your website. The next lesson will guide you through the complete process of redirecting the HTTP version of your website to the secure HTTPS version.

System Engineering

Wildcard & Multi-Domain SSL Certificates: Which One Do You Need?

Leave a comment

A Wildcard SSL Certificate and a Multi-Domain SSL Certificate (SAN or Subject Alternative Name certificate) allow you to secure multiple websites or subdomains under a single certificate. Here’s an explanation of each.

Wildcard SSL Certificate

A Wildcard SSL certificate is designed to secure a domain and all its subdomains.

For example, if you have a Wildcard SSL for *.example.com, it will secure the main domain, example.com, as well as any subdomains such as blog.example.com, shop.example.com, and other subdomains like mail.example.com. This makes it ideal for businesses or website owners managing several subdomains under one domain, ensuring that all of them are encrypted without needing separate certificates.

Multi-Domain SSL Certificate (SAN Certificate)

A Multi-Domain SSL, or SAN SSL, is meant to secure multiple distinct domain names within a single certificate. It can cover different domains, subdomains, or even various domain extensions.

For example, one SAN certificate could secure example.com, example.net, shop.example.org, and anotherdomain.com. This type of SSL is useful for businesses or individuals managing multiple domains or websites, allowing them to secure each domain or subdomain without purchasing separate SSL certificates.

The main difference between the two is that Wildcard SSL focuses on securing all subdomains of a single domain, whereas Multi-Domain SSL allows for securing multiple different domains and subdomains with one certificate.

Another important thing you should know is that all multi-domain SSL certificates are wild-card compatible but not all wild-card certificates are multi-domain compatible so choose wisely.

Benefits of These SSL Certificates

Both Wildcard and Multi-Domain SSL certificates are cost-effective, reducing the need to purchase and manage multiple certificates. They also simplify the management process, as you only need to handle one certificate instead of several, especially when it comes to renewals.

Apart from this, both certificate types ensure that all domains and subdomains under the certificate are encrypted and secure, enhancing the security of your web presence.

Whether you need to secure multiple subdomains or entirely different domain names, Wildcard and Multi-Domain SSL certificates offer convenient and flexible solutions to ensure that your websites remain secure.

Which SSL Do You Need?

The choice between the two comes down to whether you’re primarily securing subdomains of a single domain or need to cover multiple domains. If your focus is securing multiple subdomains under one main domain, a Wildcard SSL is the best fit.

However, if you need to secure entirely different domains, then a Multi-Domain SSL is the solution. Both options offer robust security but are tailored for different needs. You can easily subscribe to your choice of SSL certificate from here.

System Engineering

Reasons Why Your Website Displays ‘Not Secure’ SSL Warning

Leave a comment

A “Not Secure” warning on your website typically appears when the website does not have an SSL, the SSL is invalid, or is not properly configured. This lesson lists various reasons why your website may show such types of warnings on certain web browsers.

You Have No SSL Certificate

If you have not yet subscribed to an SSL certificate and your website is using HTTP instead of HTTPS then most browsers will show a “Not Secure” warning on your website. The main reason behind this is HTTP connections are not encrypted, leaving data vulnerable to interception.

How To Fix It? Subscribe and install an SSL certificate on your website.

Your SSL Certificate Is Expired

If your SSL certificate has expired, the browser will treat the website as insecure and show the warning, even though you had HTTPS enabled before.

How To Fix It? Renew expired SSL certificates promptly.

Mismatched Domain SSL Certificate

If your SSL certificate is not properly configured to match your domain (e.g., you installed the certificate for example.com but visitors are accessing www.example.com), a warning will be triggered.

How To Fix It? You may either subscribe to a multi-domain wildcard SSL certificate or force all traffic to the correct version of your website and set up a redirect using .htaccess or server configuration.

If you realize that your SSL certificate was issued for the wrong version of your domain, request a reissue from your Certificate Authority (CA).

Mixed Content

Even if your site uses HTTPS, if some elements like images, scripts, or stylesheets are loaded over HTTP, browsers will show a “Not Secure” warning due to the mixed content.

How To Fix It? Ensure all links, images, and scripts on the site are loaded over HTTPS to avoid mixed content warnings. Use a plugin such as Really Simple SSL to fix insecure content warnings.

Untrusted Certificate Authority (CA)

If your SSL certificate was issued by a Certificate Authority (CA) that is not trusted by major browsers, or if it’s self-signed, the website will be flagged as “Not Secure.”

How To Fix It? Subscribe your SSL certificate from a trusted authority.

Domains, System Engineering

How To Enforce HTTPS (SSL) URLs On Your Website?

Leave a comment

SSL securely transforms data from the client to the server by adding encryptions. Before it was used to protect transactions and customer data, but now it has become Google’s official Internet ranking factor.

Once you subscribe and install SSL on your website, the website starts using both HTTP and HTTPS URLs which means visitors landing on HTTP from old links such as old search archives or links on other websites will continue to land on HTTP. Whereas visitors using the new HTTPS will get HTTPS. Here you will need to make sure that all visitors must land on secure HTTPS URLs of your website and that can only be done by enforcing SSL all over your website.

To force your website to use HTTPS on all links you will need to redirect HTTP to HTTPS and there are various methods of doing this.

Redirecting HTTP To HTTPS Via cPanel

  1. Simply log in to your hosting account and open cPanel.
  2. In cPanel, navigate to ‘Domains’ and toggle the “Force HTTPS Redirect” option for your domain.

Redirecting HTTP To HTTPS Via .htaccess File

Another way of enforcing SSL is by adding a few lines of code in .htaccess file which is located in the root directory of your website.

  1. Log in to your hosting account and open cPanel.
  2. Navigate to cPanel -> File Manager
  3. Open Public_HTML and then the directory where your website is located. If your website is on the main domain i.e. yourdomain.com then it would be located in the Public_HTML directory itself.
  4. Add the following code and save the file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Or, for forcing SSL over one specific domain name use this code:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.url.com/$1 [R,L]

Or, for forcing SSL over some such as domain.com/subdir. First, create a new .htaccess file in that specific directory and then add the following code:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} subdir
RewriteRule ^(.*)$ https://www.url.com/subdir/$1 [R,L]

If you see some existing code in your .htacess file then add these lines on the top where rules start with similar prefixes.

By default .htaccess is kept as a hidden file so if don’t find it on your cPanel hosting’s file manager then click the ‘Settings’ icon (visible on the top right corner of the file manager) and tick ‘Display hidden files’ option.

And if you don’t find any .htaccess file in the file manager then probably your website is not using such .htaccess file. In that case, simply create one by naming it .htaccess and then open it for editing.

Don’t forget to change domain.com with your own domain name and SUBDIR with the name of the sub directory where you want to force an HTTPS connection.

Redirecting HTTP to HTTPS In WordPress

WordPress users may simply use a plugin called Easy HTTPS Redirection (SSL). The plugin lets you automatically set up a redirection to the HTTPS version of a URL when anyone tries to access the old HTTP version.

System Engineering

How To Choose Between DV, SAN & EV SSL Certificates?

Leave a comment

UCC (Unified Communications Certificate) and SAN (Subject Alternative Name) DV (Domain Validated) SSL certificates are both types of SSL/TLS certificates used to secure websites and online communications. While they serve similar purposes, there are some key differences between them:

Usage and Compatibility

  • UCC SSL certificates are specifically designed for use with Microsoft Exchange and Microsoft Office Communications Server (OCS), which require SSL certificates with multiple domain names (also known as Subject Alternative Names or SANs) to secure various services such as Outlook Web Access, Autodiscover, and Unified Messaging.
  • SAN DV SSL certificates, on the other hand, are more general-purpose SSL certificates that support multiple domain names (SANs) and can be used with a wide range of web servers and applications. They are commonly used to secure websites with multiple domain names or subdomains.

Validation Process

  • Both UCC and SAN DV SSL certificates are Domain Validated (DV) certificates, meaning that the certificate authority verifies only the domain ownership of the applicant. This validation process is typically automated and does not involve extensive vetting of the organization or individual requesting the certificate.
  • As DV certificates, neither UCC nor SAN SSL certificates provide any information about the identity or legitimacy of the organization or individual behind the website. They simply confirm that the applicant has control over the domain(s) listed in the certificate.

Number of SANs Supported

  • UCC SSL certificates typically support a higher number of Subject Alternative Names (SANs) compared to SAN DV SSL certificates. UCC certificates can secure multiple domain names (up to 250 or more), making them ideal for large organizations with complex IT infrastructures and multiple domains.
  • SAN DV SSL certificates typically support a more limited number of SANs, often ranging from 1 to 100 domain names or subdomains. While this may be sufficient for many websites and small businesses, organizations with a larger number of domain names may require a UCC certificate for comprehensive coverage.

Price and Availability

  • UCC SSL certificates tend to be more expensive than SAN DV SSL certificates due to their advanced features and support for a higher number of SANs. The cost of UCC certificates may vary depending on the number of SANs included and the certificate authority (CA) issuing the certificate.
  • SAN DV SSL certificates are more affordable and widely available, making them a popular choice for small to medium-sized businesses and website owners looking to secure multiple domain names or subdomains without breaking the bank.

    While both UCC and SAN DV SSL certificates offer support for multiple domain names, UCC certificates are specifically tailored for Microsoft environments and support a higher number of SANs. SAN DV SSL certificates, on the other hand, are more versatile and cost-effective, making them suitable for a wide range of web servers and applications. The choice between the two depends on your specific requirements, budget, and compatibility with your IT infrastructure.

    The Extended Validation of EV SSL

    Extended Validation (EV) SSL certificates are a type of SSL/TLS certificate that provides the highest level of validation and assurance for websites. Unlike Domain Validated (DV) and Organization Validated (OV) certificates, which only verify domain ownership and basic organization information, EV SSL certificates undergo a rigorous validation process to verify the legal identity and legitimacy of the organization behind the website.

    The main features of EV SSL certificates include:

    1. Extended Validation Process: The validation process for EV SSL certificates involves thorough vetting of the organization’s legal identity, operational existence, physical address, and ownership details. Certificate authorities (CAs) conduct extensive background checks and verification procedures to ensure that the organization is legitimate and trustworthy.
    2. Green Address Bar: One of the most distinctive features of EV SSL certificates is the green address bar that appears in the browser when visitors access a website secured with an EV certificate. This green bar provides visual assurance to users that the website is authenticated and belongs to a legitimate organization. It helps build trust and confidence among visitors, increasing conversion rates and reducing the risk of phishing attacks.
    3. Highest Level of Encryption: Like other SSL/TLS certificates, EV SSL certificates provide strong encryption to secure data transmitted between the website and visitors’ browsers. They use industry-standard encryption algorithms (e.g., RSA or ECC) and support key lengths of 2048 bits or higher to protect sensitive information from unauthorized access and interception.
    4. Browser Compatibility: EV SSL certificates are widely supported by modern web browsers, including Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Edge, and others. They are recognized and trusted by all major browsers, ensuring that visitors see the green address bar and know that the website is authenticated and secure.
    5. Enhanced Trust and Credibility: By displaying the green address bar and undergoing a stringent validation process, websites secured with EV SSL certificates demonstrate a commitment to security and trustworthiness. This can have a positive impact on brand reputation, customer confidence, and online credibility, leading to increased user engagement, sales, and conversions.

    Overall, EV SSL certificates offer the highest level of validation, security, and trust for websites, making them ideal for e-commerce sites, financial institutions, government agencies, and any organization that values online trust and credibility. While EV certificates may be more expensive and require more extensive validation compared to DV and OV certificates, the benefits of enhanced security and customer trust justify the investment for many businesses and organizations.

    How To Choose & Subscribe?

    You may either choose the choice of your SSL from Sangkrit.net Regular SSL Service which also offers another SSL option called EV SSL i.e. extended validation. Alternatively, you may go for Managed SSL Service where a team handles the installation and maintenance of your SSL over your websites.

    System Engineering

    Elevate Your Website’s Security Standards With Fully Managed SSL Service

    Leave a comment

    The new Managed SSL Service at Sangkrit.net saves you from the technical steps of installing and implementing HTTPS over your domains.

    What Is Managed SSL Service?

    It handles the installation, configuration, management, and renewal of SSL(Secure Socket Layer) certificates on your websites and the service ensures that your website stays safe and secure on the internet.

    The Managed SSL Service also saves you from common encryption errors such as:

    • SSL not found error
    • Mixed-content error
    • HTTPS redirect failure error
    • SSL certificate mismatch error

    SSL certificates are essential for securing data transmitted between a user’s browser and a website’s server, ensuring that sensitive information such as login credentials, personal details, and payment information is encrypted and protected from malicious actors.

    What Is Managed SSL Service Offers You?

    Here’s an overview of the features that Managed SSL Service offers:

    Installation & Setup

    Managed SSL Service providers handle the entire process of obtaining and installing SSL certificates on your website. This includes generating a Certificate Signing Request (CSR), validating domain ownership, and configuring the server to use HTTPS.

    Automatic Renewal

    SSL certificates have an expiration date, typically ranging from a few months to a year. If you leave this option on, the Managed SSL Service ensures that your certificates are automatically renewed before they expire, preventing any disruption in your website’s security.

    Certificate Types

    Managed SSL services offer various types of SSL certificates, including Domain Validated (DV), Organization Validated (OV), and Extended Validation (EV) certificates. They can also provide Wildcard and Multi-Domain (SAN) certificates to secure multiple subdomains or domains.

    Security & Trust

    Managed SSL services offer SSL certificates from reputable Certificate Authorities (CAs) that are recognized and trusted by web browsers. This ensures that your website is not flagged as “Not Secure,” and users can browse your site with confidence.

    SEO Benefits

    Search engines, including Google, consider HTTPS as a ranking factor. Having an SSL certificate can positively impact your website’s search engine rankings, leading to improved SEO performance.

    Support & Troubleshooting

    Managed SSL services often provide technical support to address any issues related to SSL certificates. They can help with setup, configuration, and troubleshooting to ensure your website’s security is maintained.

    Compatibility & Updates

    Managed SSL services ensure that your SSL certificates are compatible with modern web standards and are regularly updated to meet evolving security requirements.

    Compatibility with CDN & Load Balancers

    Managed SSL services can help you configure SSL certificates for content delivery networks (CDNs) and load balancers, ensuring that your entire website’s traffic is securely encrypted.

    Simplified Management

    By outsourcing SSL management, website owners can focus on other aspects of their business without worrying about the technical details of certificate installation and renewal.

    PCI Compliance

    For websites that handle online payments, an SSL certificate is essential for Payment Card Industry Data Security Standard (PCI DSS) compliance.

    Green Padlock Symbol

    An SSL certificate displays a green padlock symbol in the browser’s address bar, indicating that the connection is secure. This symbol builds trust with users and can potentially increase conversions on e-commerce sites.

    Managed SSL Service is a convenient option for website owners who want to ensure the security of their visitors’ data without dealing with the complexities of SSL certificate management. It allows businesses to focus on their core activities while benefiting from enhanced website security and improved user trust.

    How Managed SSL Service Works?

    Authentication is the keystone of SSL protection. After you subscribe to a Managed SSL, the system itself validates your domain and issues an SSL certificate to ensure your website only takes a secure connection.

    Once the system configures the SSL certificate on your domain and verifies that everything is accurate, you receive an email saying that your website is now successfully running over a secure HTTPS connection.

    The service offers you Domain Validation (DV) SSL certificates via Managed SSL Service. You can purchase a certificate for a single site or a multiple-domains certificate i.e. SAN SSL that secures one primary plus four additional domains i.e. a total of five domains.

    Homeschool

    Why It Matters To Add SSL To Your Website?

    Leave a comment

    Adding SSL i.e. HTTPS protocol to your website is a critical step in ensuring data security, building user trust, and improving search engine visibility.

    You can successfully implement HTTPS and provide a secure browsing experience to your website visitors, by subscribing to a SSL plan here. Enabling HTTPS i.e. HyperText Transfer Protocol Secure to your website is important for several reasons.

    SSL Is Important For Data Security

    An SSL certificate will encrypt the communication between a user’s browser and your website, ensuring that sensitive data such as login credentials, credit card information, and personal details remain secure and protected from unauthorized access or interception. It helps prevent data breaches, identity theft, and tampering with information in transit.

    SSL Builds The Trust

    It provides a visual indicator on the address bar of your website that builds visitors’ trust. When a visitor accesses your website, he doesn’t see the browser warning of an insecure or untrusted zone. Instead, he sees the padlock icon called the secure label, and that makes him know that his connection is encrypted and his data is being securely transmitted.

    Hence, it builds trust and confidence in your website, especially when your website is handling sensitive information or conducting online transactions.

    Search Engine & SEO Benefits

    Now dominant search engines, like Google, consider HTTPS as a ranking factor. Websites having an HTTPS connection are more likely to rank higher on search engine results pages compared to non-secure websites. Hence, implementing an HTTPS connection can improve your website’s visibility and organic traffic from the search.

    How To Add SSL To Your Website?

    You simply need to subscribe to a general SSL plan or Managed SSL Service and the automated process will guide you in doing that. The Dedicated Server, VPS, Managed WordPress, and certain web hosting users can take benefit from free SSL service.

    WordPress

    How To Auto Configure SSL In WordPress Website?

    Leave a comment

    SSL stands for Secured Socket Layer. When configured it can be seen in the address bar of your website as an HTTPS lock icon instead of HTTP which generally works on websites having no SSL certificate.

    The main work of an SSL certificate is to implement encryption to protect sensitive information such as log-in details, credit card numbers, and other sensitive data from unauthorized people and bots.

    Apart from this, it has now become an SEO and internet ranking factor so now it positively impacts the website’s visibility on search engines. All popular web browsers now show a warning of an insecure zone on websites that don’t use SSL certificates.

    Anyone can subscribe to an SSL certificate plan such as Standard SSL and Managed SSL for adding an SSL to their website. Free Auto-SSL service is also available for the VPS and Dedicated Server users at Sangkrit.net.

    This lesson will guide you on how you can auto-configure SSL on your WordPress Website. Because even when you subscribe and install SSL on your website’s hosting, common issues such as partial encryption, and mixed content errors arise, and the website doesn’t get redirected to HTTPS. As a result, both HTTP and HTTPS modes remain active for the users, which is not at all good.

    How To Automatically Configure Your Website To Use HTTPS?

    You simply need to log in to your WordPress site and navigate to Plugins -> Add New page and then search for the Really Simple SSL plugin. Install and activate the plugin, upon activation the plugin will automatically configure your website to use SSL to its fullest potential. It takes your website from HTTP to HTTPS in just one click.

    Apart from this it also offers features to keep track of your server’s health, and tweak configuration to keep WordPress fortified and safe by tackling its weaknesses. It keeps you notified when plugins, themes or core contain vulnerabilities and need appropriate action.

    Homeschool

    Build A Secure Website To Stop Losing Traffic From Browser’s ‘Not Secure’ Warning

    Leave a comment

    The browser’s not secure warning shows up to your visitors when your website doesn’t provide them a secure connection i.e. HTTPS encryption. To dismiss this warning you will need to add an SSL Certificate to your website.

    The servers and hosting services such as Managed WordPress and Cloud Hosting at Sangkrit.net provides you with free auto SSL and hence when you make your website at Sangkrit.net you don’t need to subscribe to SSL separately. Although, there are plans to subscribe to a premium SSL you may stick to a self-signed free SSL also.

    To easily start a secure website you simply need to register your domain name and subscribe to a Managed WordPress plan that gives you a highly customizable, professional-looking secure website which you can manage on your own. A Domain and subscription to Managed WordPress is a complete package, you need nothing else. And you won’t have to worry about browsers displaying the Not Secure warning because all Managed WordPress plans also include an SSL certificate displaying that trustworthy lock on the address bar of your website.

    System Engineering

    Configuring One Server To Handle HTTP & HTTPS Respectively

    Leave a comment

    On an Nginx server, it is possible for you to configure it to manage both HTTP and HTTPS requests.

    You should also know that prior to 0.7.14, it was not possible to enable SSL certificate selectively over individual listening sockets, as we have done here in the following given code:

    server {
    listen              80;
    listen              443 ssl;
    server_name         www.yoursite.com;
    ssl_certificate     www.yoursite.com.crt;
    ssl_certificate_key www.yoursite.com.key;
    ...
}

    Before SSL could only be enabled over the entire server using an SSL directive, thus it was impossible to put up a single HTTP/HTTPS server. Afterward, the SSL parameter of the listen directive was added to resolve this problem.

    The use of the SSL directive in newer versions has been discouraged.

    System Engineering

    When Multiple HTTPS Servers Listen On A Single IP Address

    Leave a comment

    In SSL protocol conduct, a typical problem occurs when two or more configured HTTPS servers listen on a single IP address.

    server {
    listen          443 ssl;
    server_name     www.yoursite.com;
    ssl_certificate www.yoursite.com.crt;
    ...
}

server {
    listen          443 ssl;
    server_name     www.yoursite.org;
    ssl_certificate www.yoursite.org.crt;
    ...
}

    As shown above, what exactly happens here is that the client browser starts to receive the default server’s certificate (www.yoursite.com) regardless of the name of the server requested.

    This is pushed by SSL protocol conduct. Here, the connection via SSL is made before the browser sends another HTTP request and Nginx does not know the server name requested. Hence, it may only offer the default server’s certificate.

    Here’s the solution:

    server {
    listen          192.168.1.1:443 ssl;
    server_name     www.yoursite.com;
    ssl_certificate www.yoursite.com.crt;
    ...
}

server {
    listen          192.168.1.2:443 ssl;
    server_name     www.yoursite.org;
    ssl_certificate www.yoursite.org.crt;
    ...
}

    Above given is the ancientest and most powerful way used for resolving this issue. Here a separate IP address is assigned for each HTTPS server.

    System Engineering

    Updating Nginx Server Configuration To Use The SSL You Have Purchased

    Leave a comment

    You need to update the config file on your server to use the SSL certificate you are subscribed to. This can be done by accessing the command line SSH and opening the Nginx config file for the domain you are installing the SSL certificate.

    Simply run the following command: 

    sudo vim /etc/nginx/sites-available/yourwebsite.com

    Now update the config file to use the SSL certificate:

    server {
        listen 80;
        server_name yourwebsite.com;
        return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;

    server_name yourwebsite.com;
    ssl_certificate     /etc/nginx/ssl/yourwebsite.crt;
    ssl_certificate_key /etc/nginx/ssl/yourwebsite.key;

    root /usr/share/nginx/yourwebsite.com/;
    index index.php  index.html index.htm;

}

    The next step is to save the file using this command:

    wq!

    And then restart your Nginx server with this command:

    sudo service nginx restart

    That’s it.

    System Engineering

    Configuring SSL & Intermediate Certificates On Nginx Server

    Leave a comment

    In the previous lesson, you learned about installing and configuring Nginx on your dedicated server. Now this lesson is on installing SSL and other standard certificates.

    The first thing you need to do is get an SSL certificate from Sangkrit.net, once you subscribe to it and your certificate request is approved just download it to install those files on your dedicated server.

    To download and install your certificate files follow these steps:

    1. Visit your Sangkrit.net product page
    2. Select SSL Certificates
    3. Select Manage next to the certificate you need to download
    4. Select a Server type
    5. Click the Download Zip File option
    6. Your certificate would start downloading now.
    7. Copy the SSL certificate file and the certificate bundle file to the Nginx server
    8. You already have a key file on the server which you got when you generated your certificate request.
    9. Now edit your Nginx configuration to reference these files

    Your certificate is installed now. Remember, the actual configuration file you edit depends on your version of Nginx, your OS platform, or the method you are using to install Nginx.

    System Engineering

    Configuring SSL On Linux VPS & Dedicated Servers

    Leave a comment

    To configure an SSL on your server there are mainly three steps: subscribe to it, generate a certificate signing request, and once SSL is approved, install it on your server.

    This lesson shows you the step-by-step process of implementing SSL on a Linux-based server.

    What is SSL? The SSL certificate establishes encryption over information that is sent to the server. It scrambles data into an undecipherable format that can only be returned to a readable format with a proper decryption key. 

    How Does SSL Works? When a client attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection.

    SSL authenticates the identity of a website. It contains the following information: 

    1. The certificate holder’s name & public key 
    2. The certificate’s serial number and expiration date 
    3. The digital signature of the certificate-issuing authority

    How to install SSL on your VPS or Dedicated Server?

    1. Open SANGKRIT.net account
    2. Visit your Products page
    3. Select SSL Certificates 
    4. Select Manage for the certificate you want to use
    5. Under Download Certificate, select a Server type and then select Download Zip File.

    Launch your dedicated server:

    1. Visit your Products page
    2. Click the Servers tab
    3. Next to the account, you want to use, click Launch
    4. From the management interface, next to cPanel Site,
    5. Click Manage Server (WHM) and click Proceed

    Upload & Install SSL certificate

    1. Search SSL on the left sidebar menu on WHM cPanel
    2. Click Install an SSL certificate on the domain
    3. Type your domain name in the first field
    4. Click the Browse button
    5. Select and upload your SSL certificate
    6. Click Install button

    When you choose the browse and upload option, the empty fields are auto-discovered and filled from the SSL you are uploading. Once SSL is installed you may redirect your HTTP site to an HTTPS connection.

    WordPress

    How To Fix The Issues WordPress Has With SSL?

    Leave a comment

    You can seamlessly map your website URLs to HTTPS and get most of the mixed and insecure content errors automatically fixed on your WordPress website.

    If you have SSL subscribed and your site has access to it, then you just need to install-activate a WordPress plugin called Really Simple SSL, and that’s it. Your site will get automatically moved to a secure HTTPS connection.

    The plugin instantly configures SSL on your WordPress site, without any modifications to other files and settings.

    In case you don’t have an SSL then the first thing you need to do is subscribe to an SSL of your choice. You may either go for a Standard or Premium SSL or you may subscribe to a Completely Managed SSL Service.

    Once you have SSL, just activate Really Simple SSL plugin on your website. It saves you from hours of work.

    As soon the plugin is activated, it –

    • Automatically updates the siteurl and homeurl to HTTPS
    • Automatically fixes all insecure and mixed content errors
    • Automatically redirects all incoming URL requests to HTTPS
    • Automatically handles most issues that WordPress has with SSL

    The plugin works by using an internal WordPress redirect, but it also allows you to use a .htaccess redirect instead. It handles when you’re behind a reverse proxy/load balancer and takes care when no headers are passed, which WordPress uses to detect an SSL connection

    The insecure and mixed content on your website is dynamically fixed by replacing all HTTP URLs with secure HTTPS, except hyperlinks given to other websites. This URL migration is dynamic so no database changes are made, except for the site URL and home URL. The plugin sets PHP cookies securely with the httpOnly flag.

    Domains, Websites

    The Effect Of Google Chrome Updates Over Non SSL Websites

    Leave a comment

    You should strongly consider getting your own HTTPS SSL Certificate. Sometime back Google has declared SSL as an official ranking factor and now the upcoming updates to Google Chrome browser will start to mark websites running without SSL certificate as “Not secure”.

    As per the updates on new Google Chome versions expected to come before July 2018, visitors to your website using an up to date version of Google Chrome will notice a warning, which may put them off because most of the websites they visit on daily basis are properly SSLed.

    You should also be concerned about your visitors’ sensitive data which consists of names, addresses, email addresses and payment information. If your website has a “logged in”, “members section” or “clients-area” on your website, then this too counts as sensitive personal information which needs to be protected.

    How to use SSL on your website?

    Start by subscribing an SSL certificate and then follow the steps given here. If you are a WordPress user then follow this tutorial. For further support email to system@sangkrit.net.

    Domains

    Why you Should Subscribe SSL Certificate from SANGKRIT.net?

    Leave a comment

    SSL (Secure Sockets Layer) is a security technology to establish encryption between a client and a server. It allows sensitive information such as login credentials, user data, social security numbers and credit card information to be transmitted securely in encrypted form instead of plain text which leaves you vulnerable.

    Now a days there are many websites that shows you partial encryption error and some displays no-encryption or un-trusted SSL warnings.

    The reason is that the Google has not only considered SSL as an official ranking factor but is taking aggressive steps to protect users data and encouraging website owners to use a well configured SSL Certificate.

    Google now blocks all un-trusted and badly configured SSL certificates and hence potentially millions of websites that use SSL certificates issued by various big and small companies, even Symantec could find that their certificates are going effectively worthless when Chrome is concerned.

    So if your website is also showing the RED HTTPS or any SSL error then you must act now because this thing will not only stop clients from making transactions on your website but it will also stop them from accessing your website because now Google Chrome clearly displays the invalid certificate warning on each visit.

    And the link to proceed to the webpage is hidden in the advanced link which is left unseen, even then netizens will think twice before accessing your website.

    How to Remove SSL Warnings?

    Use a well-configured SSL certificate, SSL configuration is not a one step process and hence you should know how to correctly configure an SSL certificate on your website.

    Subscribe SSL from SANGKRIT.net and it will guide you with an step-by-step process of requesting, installing and configuring HTTPS on your website. If you want some expert to do it for you then you can buy online support from system@sangkrit.net.

    System Engineering, Websites

    How To Generate CSR (Certificate Signing Request) On cPanel?

    Leave a comment

    A CSR or Certificate Signing request is a block of encrypted text generated on the server that the SSL certificate will be used on. It contains all important information to be included in your SSL certificate, information comprises of your common name (i.e. domain name), locality and country etc.

    cPanel provides you a built-in feature to generate CSR code to use for sending certificate signing request and get your SSL configuration settings ready to work on your website’s domain.

    Continue reading How To Generate CSR (Certificate Signing Request) On cPanel?