Web Design For Idiots

SSL (secure socket layer) is essentially an encrypted tunnel that you pass all infomation that goes from your customer to your database through. SSL IS NESSECARY TO HAVE A SUCCESSFUL STORE. Just check out any e-commerce store, when you go there you will see that they have SSL. I also just recently got a forward from my grandma (she is the MASTER of forwarding useless stuff) that was telling all her other not-so-techy friends that you should never purchase from a website that does not have the “https” beginning and does not have the little lock. So now that there is a wide spread e-mail being passed around, it is more important than ever.

You know a website has SSL when you go to any page that collects personal data (including email, passwords, shipping, and payment info) and the url changes from http://website.com to https://website.com You also see a little padlock in the browser and some even change color on secure pages.

SSLs are not expensive, and you can get a FREE shared SSL from most hosts.

A shared SSL is an OK solution. Basically, when your SSL is shared, ALL of the pages on your site that should be secure (login, create account, shipping, payment, etc) will change from

http://yourdomain.com

to

https://server123.hostname.com/~yourdomain

this is not ideal because it can freak out customers who obsessively check the URL to make sure they are not getting scammed. When the .com name changes, even though your name is in that url at the end, they might not trust it because people don’t know too much about how this stuff works.

With a dedicated SSL (which costs about $70 a YEAR with a dedicated IP address) your url changes just from

http://yourdomain.com

to
https://yourdomain.com

BUT, this has nothing to do with credit card information. BY LAW YOU ARE NOT ALLOWED TO STORE CREDIT CARD DATA UNLESS YOU MEET CERTAIN STANDARDS OR REQUIREMENTS. You need to be PCI COMPLIANT

You really SHOULD try to become PCI compliant even if you don’t store credit cards.

However, if you have a merchant account (either from a bank, card processing company or something like paypal) chances are they will do all of that for you since they are the only ones that really need to SEE the customer’s credit card number.

With a merchant account, you need a SECURE GATEWAY. These sometimes come with a merchant account, and sometimes you have to pay for them. Depends on the company. I have heard just about everything from just about every company. One bank wanted to charge me $800 for a secure gateway, while I have heard that others got theirs for free when they signed up for their merchant account. Paypal lets you use theirs, I have paypal’s website payments pro to be the best start-up option.

The secure gateway is similar to the SSL where the customer inputs their data and that data is transmitted through encryption. But instead of sending the data to you, that part of the data (cc info) goes to the company that is processing the credit card. There also is not change in url or webpages. This is done behind the scenes.

So basically, thats it.. Thats what you need to be secure. MOST people dont care.. they think they will not be victims to hackers.. but guess what, if a customer gets their info stolen from your site and you did not take the proper precautions, its YOU that will pay, because 9 times out of 10, the person who did the stealing of the info is untraceable and from another country.

---

Want to know who is offering this awesome content? Here it is! Someone who is relatively new to web design. I am new enough to still remember how absolutely frustrating it was to try and get anything done in this field, but have also been around long enough to be able to help those that are where I was a year ago. Aside from web design, I run the office of my dad's engineering business, and do book keeping by trade. I love my pets.. All 6 cats, 1 peg legged dogs, and 1 hedgehog. LOVE THEM!! Oh yea, and my husband. He lets me chase my dreams and I let him do the same. We are happy people because of it. Read more from this author

---

This entry was posted on Monday, February 2nd, 2009 at 4:45 pm and is filed under How-To, Web Design. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.