Tag Archives: ssl

How To Fix The Issues WordPress Has With SSL?

You can seamlessly map your website URLs to HTTPS and get most of the mixed and insecure content errors automatically fixed on your WordPress website.

If you have SSL subscribed and your site has access to it, then you just need to install-activate a WordPress plugin called Really Simple SSL, and that’s it. Your site will get automatically moved to a secure HTTPS connection.

The plugin instantly configures SSL on your WordPress site, without any modifications to other files and settings.

In case you don’t have an SSL then the first thing you need to do is subscribe to an SSL of your choice. You may either go for a Standard or Premium SSL or you may subscribe to a Completely Managed SSL Service.

Once you have SSL, just activate Really Simple SSL plugin on your website. It saves you from hours of work.

As soon the plugin is activated, it –

  • Automatically updates the siteurl and homeurl to HTTPS
  • Automatically fixes all insecure and mixed content errors
  • Automatically redirects all incoming URL requests to HTTPS
  • Automatically handles most issues that WordPress has with SSL

The plugin works by using an internal WordPress redirect, but it also allows you to use a .htaccess redirect instead. It handles when you’re behind a reverse proxy/load balancer and takes care when no headers are passed, which WordPress uses to detect an SSL connection

The insecure and mixed content on your website is dynamically fixed by replacing all HTTP URLs with secure HTTPS, except hyperlinks given to other websites. This URL migration is dynamic so no database changes are made, except for the site URL and home URL. The plugin sets PHP cookies securely with the httpOnly flag.

Redirecting HTTP Domains to HTTPS On Dedicated Server

Once SSL is installed on your dedicated server (as explained here) for the domain name you have selected, you will need to redirect all non-secure http links to secure https connection.

For any website to work over SSL, there are some modifications you will need to make to your .htaccess file, and then it will redirect your visitors to the HTTPS version of your website.

Login to your SANGKRIT.net account and follow the given steps:

  1. Go to your SANGKRIT.net product page.
  2. Under the Server, click Manage for cPanel
  3. In the Account Dashboard, click File Manager.
  4. In the cPanel File Manager, click Settings.
  5. Make sure that Show Hidden Files (dotfiles) is checked, and click Save.
  6. Click on public_html, and open your .htaccess if you already have one. If not, click File+, name the file .htaccess and click Create New File.
  7. Select the .htaccess file, and click Edit.
    • If you just created your .htaccess file, use this code:
      RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{HTTP_HOST} ^(www\.)?coolexample\.com RewriteRule ^(.*)$ https://www.coolexample.com/$1 [R,L]
    • If your .htaccess file already exists, insert the lines that begin with ReWriteCond and RewriteRule directly after the already existing ReWriteEngine On.
    • Click Save Changes and Close. 

That’s it. Visit your website and you’ll be re-directed to the HTTPS version.

If you use WordPress, then follow these steps:

  1. Log into your WordPress Dashboard.
  2. Visit Settings, click General.
  3. Locate the following fields:
    • WordPress Address (URL)
    • Site Address (URL)
  4. In each field, update your URLs from http to https
  5. Scroll down and click Save Changes.
  6. Open your current .htaccess file in the /public_html/ folder with the cPanel file manager for editing. If you don’t already have a .htaccess file, you’ll need to create one.
  7. Insert the following code at the top of your .htaccess file:
  8. Click Save Changes at the top-right corner of the screen.

In some cases you will need to edit your .htaccess file, if you don’t want that then you may also use a WordPress plugin such as Really Simple SSL It saves you from following so many technical steps.

How To Install SSL On Dedicated Server?

The SSL certificate establishes encryption over information that is sent to the server. It is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key. 

Hence, when a client attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection.

It also authenticates the identity of a website. An SSL certificate contains the following information: 

  1. The certificate holder’s name & public key 
  2. The certificate’s serial number and expiration date 
  3. The digital signature of the certificate-issuing authority

Once you have subscribed to an SSL of your choice, you will need to request an SSL activation for your website, which can be done by following this tutorial here

Next, download SSL on your local machine (laptop, etc)

In most cases (especially on Managed WordPress and Business Hosting) the system auto-installs the certificate. Whereas, dedicated server users can manually install it by following these steps:

  1. Open SANGKRIT.net account
  2. Visit your Products page
  3. Select SSL Certificates 
  4. Select Manage for the certificate you want to download.
  5. Under Download Certificate, select a Server type and then select Download Zip File.

Launch your dedicated server:

  1. Visit your Products page
  2. Click the Servers tab
  3. Next to the account, you want to use, click Launch
  4. From the management interface, next to cPanel Site,
  5. Click Manage Server (WHM) and click Proceed

Upload & Install SSL certificate

  1. Search SSL on the left sidebar menu
  2. Click Install an SSL certificate on the domain
  3. Type your domain name in the first field
  4. Click the Browse button
  5. Select and upload your SSL certificate
  6. Click Install button

When you choose the browse and upload option for uploading the certificate you have purchased from SANGKRIT.net, there is no need to fill up any other field, these are auto-discovered from the SSL you are uploading.

The next coming lesson is about redirecting your websites and all their links from HTTP to secure HTTPS.

The Effect Of Google Chrome Updates Over Non SSL Websites

You should strongly consider getting your own HTTPS SSL Certificate. Sometime back Google has declared SSL as an official ranking factor and now the upcoming updates to Google Chrome browser will start to mark websites running without SSL certificate as “Not secure”.

As per the updates on new Google Chome versions expected to come before July 2018, visitors to your website using an up to date version of Google Chrome will notice a warning, which may put them off because most of the websites they visit on daily basis are properly SSLed.

You should also be concerned about your visitors’ sensitive data which consists of names, addresses, email addresses and payment information. If your website has a “logged in”, “members section” or “clients-area” on your website, then this too counts as sensitive personal information which needs to be protected.

How to use SSL on your website?

Start by subscribing an SSL certificate and then follow the steps given here. If you are a WordPress user then follow this tutorial. For further support email to system@sangkrit.net.

Why you Should Subscribe SSL Certificate from SANGKRIT.net?

SSL (Secure Sockets Layer) is a security technology to establish encryption between a client and a server. It allows sensitive information such as login credentials, user data, social security numbers and credit card information to be transmitted securely in encrypted form instead of plain text which leaves you vulnerable.

Now a days there are many websites that shows you partial encryption error and some displays no-encryption or un-trusted SSL warnings.

The reason is that the Google has not only considered SSL as an official ranking factor but is taking aggressive steps to protect users data and encouraging website owners to use a well configured SSL Certificate.

Google now blocks all un-trusted and badly configured SSL certificates and hence potentially millions of websites that use SSL certificates issued by various big and small companies, even Symantec could find that their certificates are going effectively worthless when Chrome is concerned.

So if your website is also showing the RED HTTPS or any SSL error then you must act now because this thing will not only stop clients from making transactions on your website but it will also stop them from accessing your website because now Google Chrome clearly displays the invalid certificate warning on each visit.

And the link to proceed to the webpage is hidden in the advanced link which is left unseen, even then netizens will think twice before accessing your website.

How to Remove SSL Warnings?

Use a well-configured SSL certificate, SSL configuration is not a one step process and hence you should know how to correctly configure an SSL certificate on your website.

Subscribe SSL from SANGKRIT.net and it will guide you with an step-by-step process of requesting, installing and configuring HTTPS on your website. If you want some expert to do it for you then you can buy online support from system@sangkrit.net.

How To Generate CSR (Certificate Signing Request) On cPanel?

A CSR or Certificate Signing request is a block of encrypted text generated on the server that the SSL certificate will be used on. It contains all important information to be included in your SSL certificate, information comprises of your common name (i.e. domain name), locality and country etc.

cPanel provides you a built-in feature to generate CSR code to use for sending certificate signing request and get your SSL configuration settings ready to work on your website’s domain.

Continue reading How To Generate CSR (Certificate Signing Request) On cPanel?

Secure Your Website From Top 10 Internet Threats

More than five thousands websites are compromised everyday. Small business site owners think that they’re too small to be noticed by hackers but that is a wrong thinking because now-a-days hackers use automated bots which keeps on searching vulnerable websites.

Another reason of not securing website is lack of awareness. Many website owners don’t know how they can secure their website, what security tools they should be using etc etc.

Continue reading Secure Your Website From Top 10 Internet Threats

Secure WordPress Login & Admin Pages With SSL (HTTPS)

Now you know how to install SSL on a domain and how to implement it on your WordPress installation. A few days back a WordPress user emailed us saying that the majority of his website is not sensitive and also he has a resource limit so he only wants to enable SSL on his website login page and not on the rest of his website.

Continue reading Secure WordPress Login & Admin Pages With SSL (HTTPS)

How To Implement HTTPS (SSL Certificate) In WordPress?

As soon Google declared HTTPS as an official Google ranking signal, the discussions on implementing SSL certificate in WordPress started populating WP forums and social media sites. In this tutorial we are showing you an easy method to enable HTTPS working on your WordPress site.

Continue reading How To Implement HTTPS (SSL Certificate) In WordPress?

Secure Your Website With HTTPS (SSL Certificate)

For running your website on HTTPS (SSL Certificate), first thing you need to do is subscribe a SSL Certificate here. You may go for Standard SSL if you just want to verify your domain and secure your website. Premium SSL plan is ideal for eCommerce shopping cart websites as it provides you the most extensive validation.

Continue reading Secure Your Website With HTTPS (SSL Certificate)

Cloud Backed Plugin That Enables Secure Credit Card Payments In WordPress Without Any SSL Certificate Setup

Super Stripe is new powerful and easy way for website owners who want to process credit cards without going through the hassle of getting a dedicated IP address and installing an SSL certificate. SSL certificates are both costly and needs time to setup as you would be needing to migrate your website to a dedicated IP etc. But now by using Super Stripe Gateway it becomes easy for you to sell and protect digital goods, run promotions or accept payments for your products and services etc.

Continue reading Cloud Backed Plugin That Enables Secure Credit Card Payments In WordPress Without Any SSL Certificate Setup

Use Native WordPress Upload Thickbox For Adding Image Widgets In Your Website

WordPress Image Widget plugin displays an image in your site’s widget areas. Its ability to add caption and link to image allows you to use this plugin for multiple cases like you may use it for displaying banner ads, you may use it as an About Me widget etc.

Continue reading Use Native WordPress Upload Thickbox For Adding Image Widgets In Your Website