The 3 Types of SSL Certificate Validation

March 5th, 2012 @ 11:23 am

We covered the basics of SSL (Secure Socket Layer) encryption and certificates in a previous post, but if you’ve done some shopping around for an SSL certificate for your site you have probably noticed that SSL comes in a few different types. If you want to make an educated decision and buy the right plan for your site, you’ll need to acquaint yourself with the differences between them.

Keep in mind that enabling an SSL certificate of any type will encrypt data transmissions between users and the server using public and private keys, and they will also load the https:// prefix. It is widely used by businesses, especially for ecommerce and payment due to the added layer of security, it’s highly recommended for anyone who considers their visitors customers. The different types or levels of validation are in place to classify websites based on their status as a legitimate business and the security of the site. Here’s an overview of each type of SSL validation and what types of sites they are used for.

Domain Validated (DV) SSL Certificates

This is the most basic level of SSL validation, the issuer verifies that you are the owner of the domain by checking your information against the WHOIS database. While this will enable encryption on your site and provide a decent amount of added security, it does not verify you as the operator of a legitimate business. This a great quick solution if you want your users to feel safer seeing the familiar padlock and https:// and not running into any warning screens, but an organizationally validated certificate is recommended for transmitting sensitive information.

Organizationally Validated (OV) SSL Certificates

An organizationally validated SSL certificate is designed for businesses and is especially beneficial to ecommerce, sales, and service providers who need to transmit sensitive data on their server such as credit card numbers and contact information. The process for validation is lengthier and more in-depth, the issuer will not only check to see if you are the owner of the domain, they will also need to verify that you are the owner of a real business. To do this you’ll need to provide the credentials and paperwork verifying the legitimacy of your business and your status as its owner (specifically your Articles of Incorporation), as well as proof of your physical address. One of the main advantages to getting an organization validation is that your site will be displayed in the browser as a trusted site and users will feel far more confident doing business with you.

Extended Validation (EV) SSL Certificates

Extended validation was released in 2007 and it is the most complete SSL encryption solution to date, the most reputable and trustworthy organizations make use of EV. The validation process is more thorough, only businesses that have been proven to be consistently reliable with quality services or products are given extended validation. The most obvious perk is the green URL bar that signifies to users that they are visiting a website associated with a verified reputable business and that the website has been proven to be safe and secure. This is a far more prominent indicator than other validations and users absolutely take notice.

So how do I get one?

If you are looking to get an SSL certificate for your website, we offer plans for each of the above validation types with tons of great features, check out our SSL Certificate packages to see which one is best for you.

Tags: , , | Posted in: General Stuff | Leave a comment

Why Load Time is Important and How to Speed up Your Site

March 1st, 2012 @ 9:10 am

The time it takes for your web page to load completely is a paramount factor in both the user experience and in the eyes of the search engines. Its effect is manifold and every webmaster should concern themselves with the speed of their website to ensure that otherwise interested visitors don’t bounce away to a competitor because they got tired of the wait.

Fortunately there are many ways of optimizing elements on your webpages to make load times a lot snappier, any website owner worth their salt will make use of these techniques to reap the benefits of faster load times. Most of them are fairly simple to implement, and if you are using a CMS like WordPress there are often plugins that do all the hard work for you, just be sure to check out where they come from.

Remember- no matter how well you optimize your on-page elements, your host needs to have the resources to handle the amount of traffic you send to it or there will be bandwidth issues that slow things down. If you are anticipating a spike in traffic that your current plan can’t handle, try out a VPS hosting plan.

The effect of load time on SEO

Search engine traffic continues to be one of the most reliable sources of exposure, and optimizing your web site to rank for keywords is an important part of running a successful website. That said, the amount of time it takes for your page to load is actually a pretty big SEO factor for a few reasons.

One reason is that Google can tell how long it takes for your page to load measured in seconds, its crawlers can detect how much information your page is displaying and whether that information is properly optimized for the user. If you aren’t following standard best practices for web development then you can expect your sloppy code to show up on Google’s radar.

On top of that, if your page loads too slowly then you will see a big increase in bounce rate (users who immediately leave your site). While the obvious implication is that you are losing traffic, this problem extends even further than that. Google also keeps track of your bounce rate (you can see it in Analytics and GWT), and you can be penalized if it’s too high.

So we see that having a poorly optimized page can really sabotage us and make it impossible for your site to reach its potential, so let’s do something about it.

How to speed things up

There are a huge amount of factors that go into how fast your page loads, including your hosting, CDN (content delivery network), and on-page elements. Assuming you have chosen a reliable host and you have enough resources in place to handle your site and its traffic, let’s go through some methods to optimize all the stuff on your pages.

Images

Images are one of the bulkiest elements in terms of file size on any webpage and they are responsible for severe slowdowns if not properly handled. All images in a compatible format should be compressed (.jpg, .gif, .png is preferred due to minimal loss) using the method of your choice to minimize file size, in Photoshop you can use the ‘Save for Web’ feature to do this easily.

Also, avoid resizing your images after uploading them using HTML tags (yes- that includes the fields in WordPress image settings). No matter how small you make them using this method, the browser still has to load the full size image so it’s rather pointless. However, you should still specify the correct dimensions of your image instead of leaving the fields blank so browsers can allocate the correct amount of space to them.

Design and Coding

Poor load times are often the result of lazy coding and poorly optimized elements that can easily be fixed with a quick tweak. One of the most common issues for beginners is that their pages make too many http:// requests to outside sites for information. For example, if you grab an image from another site using its URL instead of saving it to your own server, your web page has to pull information from that URL every time the page is loaded which is much slower than hosting the file yourself. Any time you have the option of loading information from someone else’s server or saving it to your own, always go with the latter whenever possible.

Take advantage of using a cache system to serve pages- this basically saves simple static copies of your otherwise heavy and dynamically generated pages for users who haven’t interacted with your site in a significant way. WordPress users would be wise to try WP Super Cache, it’s simple to setup and the difference is absolutely noticeable.

Also, if you are using security measures on your site (https:// and SSL encryption) then you should make sure to only enable them on pages where it is necessary because encryption and certificates can greatly increase load times. Keep the security measures on payment forms and other areas where sensitive information is transferred, not on your regular content pages.

We could go on forever talking about all sorts of different factors contributing to load speed, some other good things to do are reducing cookies, using gzip compression, removing unnecessary white space, using ajax properly, staying away from flash, and moving your script tags to the bottom.

If you’ve taken all of this into account and your pages are still on the slow side, the problem could be shoddy hosting. Check out our Reseller Hosting and VPS Hosting for great load times and super reliable uptime.

Tags: , , , | Posted in: General Stuff | 1 Comment

What are MySQL Databases?

February 9th, 2012 @ 11:07 am

Getting started in the world of web development means getting acquainted with a slew of new terminologies and technologies, and one of the very first things you’ll come across is SQL and MySQL databases. For someone who isn’t familiar with database technology it can be a bit daunting at first, but it really isn’t as complicated as it seems once you learn a bit about how it works.

How Databases Work

A database is an organized collection of information stored as a digital file that can be constantly accessed, read, maintained, changed based on the needs of the owner. Almost any business, website, or collaborative group makes use of some sort of database. A library uses one to keep track of its inventory of books and whether they are in or out, even if they are late and how much they owe. A service provider might use a database to keep track of clients, orders, and finances. Their implementations are limitless and almost every major operation dealing with lots of data usually has one running behind the scenes.

You can picture a database as a collection of charts that you’d see in a program like Excel. They have definable rows and columns which can be filled with values that then define a certain record. So in other words, we can make a table in a database where each row represents a different book in a library, and each column is a piece of data describing that book. So we would have a row for the book’s Title, Author, ISBN, Status (out, in, late), maybe even its location in the library and other descriptors as well. This record can be instantly accessed and edited by a computer system to keep track of the inventory. Now you can see just how essential database technology is, they practically run the whole world.

So what is SQL?

SQL stands for Structured Query Language and is usually pronounced as ‘sequel’ or ‘S Q L’. It’s a technology that allows us to access and manage databases, think of it as the software that serves as a middleman between us and the database. A database can be written in a variety of different formats and languages, SQL is one of them and it’s a very popular and widespread platform that’s almost universally adaptable.

So what does all of this mean for someone who’s setting up a relatively simple website? Unless you’re using very straightforward HTML pages, chances are your platform requires the use of an SQL database. For example, WordPress installations need to have an SQL database to store information about your site that needs to be accessed and changed. When a user creates a profile there needs to be a database to store it, and when that same user comments on one of your posts a database is needed to record it. The good news is that it’s a very low maintenance process, once the database is created you’ll never need to worry about it again as long as there aren’t any technical problems that need addressing (knock on wood).

Tags: , , | Posted in: General Stuff | Leave a comment

Choosing Shared or VPS Hosting

February 6th, 2012 @ 10:30 am

A lot of newcomers to the world of website hosting are intimidated by the amount of choices presented when shopping around for the best solution, and they often make an uneducated decision that they later regret because they weren’t familiar with the needs of their website. Luckily, it’s easier than you probably think. To pick the right host for your situation, all it takes is a little evaluation and foresight to find out what your needs are.

Generally speaking, Shared plans are more suited for small personal sites that won’t get major traffic surges and don’t have complex requirements for custom scripts and applications. VPS (or Virtual Private Server) hosting is best for more advanced users that want to have total control over their virtual server and its features, it’s more suited for larger websites or networks where a dedicated server and IP is necessary.

However, there’s no way to know which one is best for your setup without first identifying the differences between them.

The differences between Shared and VPS Hosting

Each web hosting provider offers a slightly different set of features for their plans, but the following notable differences are true for almost every host.

Resources

Shared plans have your site hosted on a server that also hosts many sites for other users as well- hence the resources are ‘shared’ between all sites on the server. In order to regulate this setup the host imposes ‘soft’ limits to how many resources you can use at once so that the hardware isn’t overloaded. This is why shared hosting has a hard time with big traffic spikes and heavy resources usage, you aren’t the only site using the server hardware and the amount of resources available depends on those other sites.

VPS hosting plans offer the same resource configuration that a dedicated server would in that you are allocated a static amount of resources to work with and you don’t have to worry about sharing them with anyone.  This is inherently scalable and you can purchase a plan that’s suitable for a low-end email server or a high-traffic database application, but you have to know what your site is expected to use before you set it up.

Customizability

On a shared plan you are at the mercy of the provider as far as features and settings go, you’re usually given a control panel backend on a single Linux or Windows OS and that’s that. You usually don’t have certain services and technologies available that may be required for certain complex tasks.

On a VPS you get to decide everything, you can use any Operating System and install any services you want. This of course requires that you have knowledge of how a server works and know what you need and what you don’t, but if you do your research you can have everything you need setup without any limitations as far as software goes.

Security

The word ‘Private’ isn’t in the term VPS for nothing- a VPS setup is simply more secure than a shared one by default because no one else is using the same operating system instance as you and your file system is completely independent. As the administrator of the server you also have far more control over your security configuration, allowing you to set up firewalls and other security features that aren’t normally available for shared accounts.

Tags: , , | Posted in: General Stuff | Leave a comment

WordPress Security – Protecting your WordPress Installation

February 3rd, 2012 @ 11:46 am

WordPress is one of the most popular and easy to use blogging platforms around, it allows users to create any kind of site imaginable without the need to learn a coding language or get bogged down with technical details. It’s open source software that’s constantly being audited and analyzed by the community, but security holes are always bound to open up with web-based platforms which present a threat to your site and its data. The absolute best way to protect your site from malicious activity is to be prepared before it happens, but luckily it’s as easy to secure your WordPress site as it was to install it.

Always stay updated

One of the easiest and most effective ways of keeping WordPress safe from attackers is to keep it updated as new versions are released. Every piece of software, especially those exposed to the internet, are always vulnerable to bugs and exploits if they are not routinely updated to patch up holes in their security. Web technologies are constantly evolving and hackers are always finding new ways to trick your software into trusting them when it shouldn’t, but WordPress is a very closely monitored system and any time a major security exploit is found the developers are very quick to release an update to fix it. The moral of the story is that being lazy and holding off on a WordPress update can cost you dearly, it’s a matter of clicking on button on your WP backend and it’s a real lifesaver.

However, your WordPress installation isn’t the only thing that needs to be kept up to date. You’re probably using a variety of different plugins and a theme as well, and outdated components can also present security risks. Always keep every part of your site up to date and beware of plugins and themes that seem unprofessional or were poorly made, they often make your site less secure by implementing faulty code.

Use secret keys in your WP-config file

The WP-config file contains all the information someone would need to access the database associated with your WordPress site, so you’ll want to do everything in your power to secure that file and make sure no one can access that sensitive information.

One of the best ways to do this is to use secret keys in the config file. Doing this is very easy, just head over to api.wordpress.org/secret-key/1.1/ and paste that information into WP-config, read through the file and find the area that says Authentication Unique Keys and replace the four lines you see there.

Use a security plugin

There are a lot of little things to worry about in terms of WP security like file permissions, htaccess settings, and a variety of other little factors that hackers can take advantage of. Instead of staying on top of it all yourself, you can try using a trusted plugin solution that gives you a simple GUI where you can keep everything secure without the headache of traversing an FTP.

One of the best complete solutions is Bulletproof Security which keeps track of almost every possible security hold that your installation might have and offers one-click solutions to all of them, it’s very user friendly and a great way to sleep well at night knowing your site is more secure than most.

Another great plugin to use is WP Plugin Security Check. Some of the most insecure parts of any WordPress site are the third party plugins installed for a variety of different purposes, and this plugin checks through all of them to make sure there aren’t any obvious holes or inadequate coding.

Tags: , , | Posted in: General Stuff | Leave a comment

Royalty Networks Blog


Let's Socialize

  • Facebook Facebook
  • Twitter Twitter

Search the Blog