The Step-By-Step Guide – Secure your website with HTTPS

Table of Content

What is a “not secure” website?

How do I know if a website is safe?

How to display a secure website?

I installed a SSL but the website still shows insecure.

How to fix mixed content?


What is a “not secure” website?

Secure vs Not Secure

A secure website can really make the difference for your website’s conversion rate. For example, when the website you’re visiting is displayed as “secure”, you are more likely to continue browsing and even consider completing a purchase. But if your browser shows this website as “unsecure” and “dangerous”, you are much more likely to leave this website and purchase your products elsewhere.

What are the differences between secure and unsecure website

As an end-user, the only noticeable difference between a secure and unsecure website is one letter. Yes, a simple letter “S” that makes a big difference in the overall website security.

When you’re browsing any website, you will use an URL written like this: http://www.auhost4u.com

  • HTTP: or HyperText Transport Protocol. It allows for information to be passed between web servers and users.
  • HTTPS: simply adding a “S” will stand for “Secure”.

A secure website means that any data being passed between web servers and users is encrypted. If a website is unsecure, any information a user inputs on the website such as name, address, credit card details, are not protected and can be intercepted. However, on a secure website, the code is encrypted and any sensitive information cannot be traced thanks to a SSL certificate.

Browsers vs. unsecure websites

Chrome, Safari, Edge, Firefox are continuously working on making the Internet a safer place. And you may already have experienced it (see the examples below), but it has become harder to browse unsecure websites.

Chrome

Safari

Edge

browsing-unsecure-website-with-edge

Firefox

browsing-unsecure-website-with-mozilla

Whether you are using your mobile or desktop, a padlock icon might be displayed next to the website’s URL to inform you if this website is safe or not.

Website security contributes to users’ trust

As we were saying before, a secure vs unsecure website can have a huge impact on your user’s behaviours. Personally, I would never provide my credit card details over a “http” URL, and I’m pretty sure you would do the same.

Now imagine your reaction if you browse a website that displays this big red warning triangle, followed by a text in red saying “Not Secure”. Users are much more likely to simply leave this page.

In terms of conversion not having a secure website can have a huge impact. For example, if you’re running an e-commerce website, your potential customers may only realize their purchase if they see their personal and payment information on a secure page rather than a not secure one. 

How do I know if a website is safe?

If you want to check whether a website is safe to browse or not, there are a few methods of achieving this. Before you navigate to the website you can run some basic checks:

1. Move your mouse over the website title without clicking

example check if website is secure before clicking

2. On the bottom left of your screen you’ll see a dark grey box appearing. This is the full address you’ll visit if you click on the link. You can check here if you’ll be redirected to a http or https address.

Now, you are more confident browsing this website, you can click and follow the link. Browsing on a website, 3 kinds of symbols may appear and indicates whether you are at risk or not. Have a look at Google’s explanations.

3. Once on the page, you can check if the padlock icon is displayed (see below) and if your browser recognize this website as safe.

secure-website-display

Clicking on the padlock icon will display the detailed tracking and permissions you’re allowing. It also shows you can browse and realize a purchase on this website safely without worrying about getting your credit card information stolen for example.

https-and-secure-auhost4u-website

However, if a page is not recognized as secured, it will be displayed as follow:

not-secure-website

If you click on the “Not Secure” button, you will get more detailed explanations.

mysite-website-not-secure-display-from-edge

How do I display a secure website?

Just starting with your website or have a website but never really had the chance to secure it? Well, we will guide you through, it’s very easy.

  1. You need to install a SSL on your website.
    • You can either get our Essential SSL Certificate for FREE included in all our hosting plans or purchase it from a third party.
    • See below how to set up your SSL.
  2. Force the HTTPS redirect
    • Directly from your cPanel interface, click on the “Domains” feature and turn the HTTPS redirect toggle “ON”.
  3. That’s it! Your website will load over HTTPS only and your users and clients’ information will be secured.

How to install and manage your SSL in cPanel

How to install a AUHost4u SSL Certificate

To install your FREE SSL certificate it’s fairly simple.

1) Log in your cPanel account.

2) Click on the feature “SSL/TLS” in the section Security. If you experience trouble finding the feature, use the look up tool.

cpanel-section-security-feature-ssl-tls-auhost4u-support-question

3) You can either run the AutoSSL option or click on each domain and update them one by one.

cpanel-ssltls-feature-install-a-ssl-auhost4u
How to install a third-party SSL Certificate

First, you need to Login to your cPanel account.

From your cPanel main screen, locate and click on SSL/TLS under the “Security” category.

SSL-TLS-feature-cpanel-security-section-auhost4u-tutorial-support-question

From the SSL/TLS screen, click on the “Generate, view, upload, or delete SSL certificates”

SSL-TLS-manage-ssl-feature-page-cpanel-auhost4u-tutorial

Locate the category “Upload a New Certificate” and browse the SSL text file that you wish to install then click on “Upload Certificate”.

SSL-TLS-install-ssl-feature-page-cpanel-auhost4u-tutorial

Click the “Go Back” button to return to the SSL/TLS Manager.

How to setup the domain for SSL installation

From SSL/TLS Manager screen, click on Manage SSL Sites.

Once done, you can proceed by clicking on “Browse Certificates” and choose the domain from the Domain drop down menu.

After the system attempt to Fetch the SSL certificate and private key, you can go ahead and click on “Install Certificate”.

Note: In most cases, you do not need to supply the CA bundle because the server will fetch it from a public repository during installation.

How to verify the SSL installation

Verify your SSL certificate by a browser and log on to you website and using the HTTPS protocol.

Your browser should show a padlock icon which means “Secured” if you have installed and configured the SSL certificate properly.

I installed a SSL but the website still shows insecure.

One of the most common issue after installing a SSL certificate and setting the HTTPS redirect, the website still shows as “Not Secure”.

Well, 99% of the time, this is simply because of Mixed content. This occurs when your page is loading over a secure HTTPS connection, but other resources (such as an image, a video, etc.) are loading over an insecure HTTP connection.

https-not-secure-how-to-fix-it-auhost4u-guide

How to fix mixed content?

Before fixing anything, you’ll need to find the mixed content that’s causing this.

How to find your website mixed content?

  1. Browse your website over HTTPS.
  2. Press the F12 key.
  3. Click on the warning triangle.
  4. It will display in red (see below) the mixed content.
mixed-form-http-over-https-how-to-fix-it-auhost4u-guide

How to fix your website’s mixed content?

To fix a mixed content issue you simply need to find which content is still loading over HTTP and re-upload it over a secured connection, in others words, over HTTPS.


To Conclude

Now you have all the keys to secure your website and build trust with your users. By protecting their information and privacy, they can rely on your website and be converted into business opportunities. However this doesn’t mean your website will never get hacked or attacked. After you’ve installed a SSL certificate you’ll need to keep it up to date.

You see, to maintain a secured and safe website from hackers, you’ll need to continuously keep your security measures up-to-date.

Host your website today with our cheap hosting plans including a FREE Comodo Essential SSL certificate to secure your website, encrypt your users’ information and protect their data.

contact-auhost4u

Need help?

If you need our assistance, feel free to contact our 24/7 support team available on our ticket platform or directly via our Live Chat.

Milo Travers

Source link