Leaderboard

* bold is by me HTTPS does more then just protect user data - it also ensures that the user is really connecting to the right site and not an imposter one - This is important because setting up a fake version of a website users normally trust is a favorite tactic of hackers and malicious actors - HTTPS also ensures that a malicious third party can not hijack the connection and insert malware or censor information. Google wants to make the Internet safer - and it will not be shy about pointing a finger at sites that do not meet its standards. That is why - starting in 2017 the Chrome browser (ver 56+) will flag unencrypted websites as insecure - displaying a red “x” over a padlock in the URL bar. In an announcement published to the Google Security Blog [ https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html ] on September 8, 2016 - the search giant said users of its Chrome browser will be warned when accessing non-secure websites - starting January 2017. Users will not be blocked from accessing non-secure sites - but they will be alerted when visiting an address that does not use an encrypted connection Currently - Chrome displays only an icon of a white page when the website a user is accessing is not secured with HTTPS - a green locked padlock when it is - as well as a padlock with a red “x” on it when there’s something wrong with the HTTPS page the user is trying to access. The change will draw even more attention to the sites that are potentially insecure. Pages without an HTTPS counterpart likely - will not be affected in search results - but that does not mean it would not be the next step. Do you know - you can make use of CloudFlare to act as a proxy front-end to your site - and enable free "Flexible" SSL through them - so your users would connect to the CloudFlare servers via SSL - and in the backend CloudFlare would pass on that request to hosting using normal HTTP with a encrypted & compressed connection - IF the Heliohost Admins have CloudFlare's "Railgun" installed

To answer these in order: You have to get it from another source. Heliohost is not a certificate authority. We recommend Let's Encrypt since its free. One of our users is working on a guide for the Wiki: http://www.helionet.org/index/topic/26914-ssh-on-tommy/?view=getnewpostDepends on the certificate you use. You can get a "SAN Certificate" that's good for multiple domains. Not unless you get a "wildcard" certificate. Let's Encrypt doesn't offer these, and the companies that do offer them charge significantly more than a normal certificate for them. If you get the certificate, we don't charge anything to install/use it. You need to get the certificate from someone else. You can get the signing request for a certificate and install the certificate through cPanel once you have it. There is no alternative really. SSL is the standard for secure web communication. It's only important if users will be doing things like entering bank/credit card information or login information on your site. If you use a service like Paypal for that, the users will enter it on the service's secure page meaning your site technically doesn't need to be though it's good practice to do so anyway (after all, they may need to enter other information like a username/password for your site, shipping info, etc.). Static websites that just show content and don't have the user enter information on them don't really need SSL.

Done.