Community @ The Turning Gate

Support community for TTG plugins and products.

You are not logged in.

#1 2019-01-17 00:39:56

Ken
Member
Registered: 2013-03-16
Posts: 312
Website

Site Security Question

I use BL2 to create and manage my website. Recently my hosting service, GoDaddy, has been pressuring me to add SSL to my website. They say that a hacker could modify my site so that when someone click's the "Secure Check Out" button on my cart page, the purchaser would be taken to a fake paypal site.

Is this possible?
How likely?
Will adding the SSL feature stop a hacker from doing this?
Is there another way to protect my site from possible hackers?

Norton Safe Web says my site is safe. I would appreciate any thoughts on this.

Offline

#2 2019-01-17 01:00:41

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 16,725
Website

Re: Site Security Question

here's something that might help: https://serverguy.com/security/google-f … -websites/


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2 test site, Pangolin test site

Offline

#3 2019-01-17 01:01:52

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 16,725
Website

Re: Site Security Question

And now, with the release of Backlight 2.0.5, implementing SSL (https) on your site if super easy.


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2 test site, Pangolin test site

Offline

#4 2019-01-17 01:18:32

Ken
Member
Registered: 2013-03-16
Posts: 312
Website

Re: Site Security Question

Thanks for the link. I just updated my site to BL 2.0.5. You mention it is now super easy to implement SSL on my site? How do I do this?

Offline

#5 2019-01-17 01:48:49

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 16,725
Website

Re: Site Security Question

You first need a SSL certificate from your host.
Once they install that, go to Backlight Settings and change the site (and company url if they’re the same) and the Wordpress url if using WordPress, so that they start with https:// rather than http://.

Then, still in Settings, go to the Privacy section and redirect browsers to https


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2 test site, Pangolin test site

Offline

#6 2019-05-15 17:26:51

vivek_kumar
New Member
Registered: 2019-05-15
Posts: 1

Re: Site Security Question

SSL enables encryption so man-in-the-middle attacks do not happen. it is important for eCommerce sites. You read more here:
https://magehost.com/blog/google-ssl-certificates/

Offline

#7 2019-05-16 01:08:44

Daniel Leu
Moderator
Registered: 2012-10-11
Posts: 1,395
Website

Re: Site Security Question

rod barbee wrote:

You first need a SSL certificate from your host.

Some hosts such as Bluehost and 1and1/Ionos now include one SSL certificate for free in their shared web hosting packages. And they make it easy to install it.


Daniel Leu | Photography   
DanielLeu.com

Offline

#8 2019-07-08 19:41:21

theomolenaar
Member
Registered: 2012-12-11
Posts: 163

Re: Site Security Question

I did all that. However my uploaded (in BL) images, such as header were still http, so I had mixed content that was not displayed.

Loading the images again and it worked fine...

Offline

Board footer

Powered by FluxBB