What is SSL and HTTPS, and why your domains should be available with these protocols.
What is SSL and HTTPS-connection
SSL stands for Secure Sockets Layer, this is the protocol which uses encryption for data transferring.
When server communicates with a browser they transfer info which is a plain text in case this info is not encrypted. Thus, if you input your login and password, or other sensitive info on a website without encrypted connection, the data can be intercepted and can be used by any person as it’s a plain text. This situation may happen in case you use an HTTP-connection.
SSL protocol encrypts the data sent between a server and a browser, and when this data is intercepted it is impossible to use it as the data is a set of useless symbols which can’t be read. SSL protocol requires an SSL certificate to be installed on a server.
HTTPS (HyperText Transfer Protocol Secure) is an HTTP + SSL certificate.
Creating a safe Web
As an initiative to make a web more secure, on September 8, 2016 Google announced that Chrome would start to explicitly label HTTP connections as “Not Secure”. The idea is that then you know the information is going over the internet unencrypted. Beginning in January 2017, Chrome will mark HTTP pages (meaning pages without an SLL certificate) that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.
Beginning in July 2018 together with Chrome 68 update all websites using HTTP will be marked as non-secure even if there’s no any input forms.
How this affects advertisers and website owners
Now users with updated browsers (not only Chrome) will get a notification about a not secure connection while visiting a website without an SSL certificate.
Thus, not every user will continue their visit or click the links, not to mention filling in the forms on a page. No SSL certificate means less traffic.
Moreover, HTTPS websites are ranked higher in Google search although it is not announced officially.
Install an SSL certificate in Keitaro for free
Keitaro gives its users an opportunity to install SSL certificates on domains for free and without any limits. We use Let’s Encrypt certificates which fit all browsers security standards. The certificates are issued by Let’s Encrypt for three months and are automatically extended.
How to install an SSL certificate:
- Go to your DNS registrar where you bought your domains and create an a-record with the ip of the server where Keitaro is installed.
- Log in to your server via SSH and run the command:
curl -sSL https://keitaro.io/enable-ssl.sh | bash -s -- domain.com
Change domain.com to your domain’s name.
Ready, the certificate is installed and your domain is available via secure HTTPS connection.
Note, SSL certificates installation is available in case you installed the tracker with our auto installation script. If you used install.php for Keitaro installation, please contact your hosting support.