giteshss2 Posted January 3, 2017 Posted January 3, 2017 Greetings for the New Year to all! I wanted to know some details about SSL and its use with HELIOHOST.I know exactly what SSL is and that's not my point. However I wanna understand how we can use it with HELIOHOST. Does heliohost provides support for SSL?Does heliohost provide SSL Certificate or I have to get it from some other source? Can I use One SSL certificate for Multiple domains owned by me?Does the certificate apply to sub-domains too? If NOT, what CAN I DO to do so?Is getting SSL Certificate from Heliohost is FREE or CHARGED?How to get or apply for SSL Certificate?Is it really important to have SSL or is there some alternative for it? If so, IS IT RELIABLE and CHEAPER? I request all the intellectuals to please provide all the details regarding SSL. Because, this post can help the beginners like me to LEARN. Thank you! I will really appreciate if heliohost provides SSL certificates. Please share the procedure to get it, if so.
wolstech Posted January 3, 2017 Posted January 3, 2017 Greetings for the New Year to all! I wanted to know some details about SSL and its use with HELIOHOST.I know exactly what SSL is and that's not my point. However I wanna understand how we can use it with HELIOHOST. Does heliohost provides support for SSL?Does heliohost provide SSL Certificate or I have to get it from some other source? Can I use One SSL certificate for Multiple domains owned by me?Does the certificate apply to sub-domains too? If NOT, what CAN I DO to do so?Is getting SSL Certificate from Heliohost is FREE or CHARGED?How to get or apply for SSL Certificate?Is it really important to have SSL or is there some alternative for it? If so, IS IT RELIABLE and CHEAPER? I request all the intellectuals to please provide all the details regarding SSL. Because, this post can help the beginners like me to LEARN. Thank you! I will really appreciate if heliohost provides SSL certificates. Please share the procedure to get it, if so.To answer these in order: You have to get it from another source. Heliohost is not a certificate authority. We recommend Let's Encrypt since its free. One of our users is working on a guide for the Wiki: http://www.helionet.org/index/topic/26914-ssh-on-tommy/?view=getnewpostDepends on the certificate you use. You can get a "SAN Certificate" that's good for multiple domains.Not unless you get a "wildcard" certificate. Let's Encrypt doesn't offer these, and the companies that do offer them charge significantly more than a normal certificate for them.If you get the certificate, we don't charge anything to install/use it.You need to get the certificate from someone else. You can get the signing request for a certificate and install the certificate through cPanel once you have it.There is no alternative really. SSL is the standard for secure web communication. It's only important if users will be doing things like entering bank/credit card information or login information on your site. If you use a service like Paypal for that, the users will enter it on the service's secure page meaning your site technically doesn't need to be though it's good practice to do so anyway (after all, they may need to enter other information like a username/password for your site, shipping info, etc.). Static websites that just show content and don't have the user enter information on them don't really need SSL. 1
bdistler Posted January 3, 2017 Posted January 3, 2017 wolstech, on 03 Jan 2017 - 10:10 AM, said:============= 8>< snip =============== There is no alternative really. SSL is the standard for secure web communication. It's only important if * users will be doing things like entering bank/credit card information or login information on your site. If you use a service like Paypal for that, the users will enter it on the service's secure page meaning your site technically doesn't need to be though it's good practice to do so anyway (after all, they may need to enter other information like a username/password for your site, shipping info, etc.). Static websites that just show content and don't have the user enter information on them don't really need SSL. ** bold is by me HTTPS does more then just protect user data - it also ensures that the user is really connecting to the right site and not an imposter one - This is important because setting up a fake version of a website users normally trust is a favorite tactic of hackers and malicious actors - HTTPS also ensures that a malicious third party can not hijack the connection and insert malware or censor information. Google wants to make the Internet safer - and it will not be shy about pointing a finger at sites that do not meet its standards. That is why - starting in 2017 the Chrome browser (ver 56+) will flag unencrypted websites as insecure - displaying a red “x” over a padlock in the URL bar. In an announcement published to the Google Security Blog [ https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html ] on September 8, 2016 - the search giant said users of its Chrome browser will be warned when accessing non-secure websites - starting January 2017. Users will not be blocked from accessing non-secure sites - but they will be alerted when visiting an address that does not use an encrypted connection Currently - Chrome displays only an icon of a white page when the website a user is accessing is not secured with HTTPS - a green locked padlock when it is - as well as a padlock with a red “x” on it when there’s something wrong with the HTTPS page the user is trying to access. The change will draw even more attention to the sites that are potentially insecure. Pages without an HTTPS counterpart likely - will not be affected in search results - but that does not mean it would not be the next step. Do you know - you can make use of CloudFlare to act as a proxy front-end to your site - and enable free "Flexible" SSL through them - so your users would connect to the CloudFlare servers via SSL - and in the backend CloudFlare would pass on that request to hosting using normal HTTP with a encrypted & compressed connection - IF the Heliohost Admins have CloudFlare's "Railgun" installed 1
wolstech Posted January 3, 2017 Posted January 3, 2017 Do you know - you can make use of CloudFlare to act as a proxy front-end to your site - and enable free "Flexible" SSL through them - so your users would connect to the CloudFlare servers via SSL - and in the backend CloudFlare would pass on that request to hosting using normal HTTP with a encrypted & compressed connection - IF the Heliohost Admins have CloudFlare's "Railgun" installed Yeah, I'm using that for a medical charity website I run on another (paid) hosting provider that I'm thinking of dumping. Many places (including us) don't have railgun though, so with many hosts you're just letting CF make the insecure connection the endpoint would otherwise make. That particular installation in my case was driven by a service we use requiring the website be reachable that way (it just flat out refused to accept plain HTTP). Proper LE support would be nice, but until there's a decent way to automate it in cPanel, it's a bit of a pain to use. Right now you need to get a certificate manually and install that new certificate in cPanel every 90 days. They apparently have a cPanel SSL provider plugin, but from what I can tell LE has ridiculously low limits on the number of certs it'll issue per week through it.
giteshss2 Posted January 4, 2017 Author Posted January 4, 2017 Do you know - you can make use of CloudFlare to act as a proxy front-end to your site - and enable free "Flexible" SSL through them - so your users would connect to the CloudFlare servers via SSL - and in the backend CloudFlare would pass on that request to hosting using normal HTTP with a encrypted & compressed connection - IF the Heliohost Admins have CloudFlare's "Railgun" installed No, I don't! But would surely like to know and Implement.Can you please guide me through it, Step by Step? I am very much interested in my site prefixing: "https". So i wanna know about the thing more detailed.I am thankful to all your efforts: wolstech and bdistler. Please Guide me throiugh it! I thank heliohost for their efforts!!
Krydos Posted January 5, 2017 Posted January 5, 2017 Railgun isn't installed. Check out http://www.helionet.org/index/topic/26914-ssh-on-tommy/?p=123429 to install free ssl/https on your site. Let us know if you have any questions.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now