bkessler91 Posted February 5, 2013 Share Posted February 5, 2013 So I'm set up through Authorize.net and is secure for payment information. I'm having customers tell me that their anit-virus software and/or browser plugin toolbar is telling them that our site is not secure. I'm looking into SSL certificates and my webhost (LunarPages) has two SSL choices. Basic and Pro https://support.lunarpages.com/knowledge_bases/article/175 Would getting an SSL certificate and enabling SSL in cubecart help? Thank you for any input. Quote Link to comment Share on other sites More sharing options...
bsmither Posted February 5, 2013 Share Posted February 5, 2013 "Would getting an SSL certificate and enabling SSL in cubecart help?" Yes. When I was running my stores, I got a certificate through GoDaddy and they have three or four 'levels' of assurance. I bought the one where I had to provide copies of my business papers and they thoroughly vetted my existence. There are levels less thorough than that. But in my opinion, a certificate behaves the same regardless of assurance level. But there are also types of certificates that vary in breadth: one and only one URL, wilcard subdomains, and maybe one for multiple domains. What LunarPages will accept and install may be limited to the one and only one URL. Their Basic vs Pro seems to differ only in the amount of the insurance policy you are getting. Quote Link to comment Share on other sites More sharing options...
bkessler91 Posted February 5, 2013 Author Share Posted February 5, 2013 Would you recommend to Force SSL mode on all pages? Are there any advantages to that? The prices are practically the same Lunarpages vs GoDaddy but appreciate the suggestion Quote Link to comment Share on other sites More sharing options...
bsmither Posted February 5, 2013 Share Posted February 5, 2013 Sorry, it wasn't a suggestion or recommendation. I was just relating information I have based on my experience. There may be a reason to force SSL on all pages. Devellion put that in there (presumably) to solve some kind of issue or to answer a reasonable request. I don't know the real rational. So, if it solves an issue for you, then it's good. If you plan to have confidential info on what would otherwise be public-appropriate pages, then it's good. If you have no issue with some pages yes, some pages no (and some browsers have a setting that is to warn the user when leaving a secure page for an insecure page -- a huge annoyance), then the disadvantage (according to a few server box managers) is the higher computational requirements to encrypt everything. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.