Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Can I need A ssl?


zhwang

Recommended Posts

Since the payment gateway security is ensured by the gateway provider, Can I need a SSL in my store?

In the admin part, if I add htaccess protection or some admin module ,Can I need a SSL? If yes, what about a shared ssl? Can it work equal with one private ssl?

 

Wait for your response, Thanks!

Link to comment
Share on other sites

You can never have too much security, ssl goes hand in hand with e-commerce. If you are just starting out then share ssl will do the job nicely. If and when you have the budget you can always opt for a private one.

 

Personally, I'm on shared ssl and never have any security problems.

Link to comment
Share on other sites

Hi,

 

I have a set up in my store that allows me to connect to the same URL with SLL and without SSL enabled. I need to keep track of four configuration files (!!) because of it.

 

Is this what is called "shared SSL"? What is the miminum amount of files that need to reside in the "secure" directory? Everything?

 

Thanks,

Stephan

Link to comment
Share on other sites

Hi,

 

I have a set up in my store that allows me to connect to the same URL with SLL and without SSL enabled. I need to keep track of four configuration files (!!) because of it.

 

Is this what is called "shared SSL"? What is the miminum amount of files that need to reside in the "secure" directory? Everything?

 

Thanks,

Stephan

 

Shared ssl is when you use a certificate provided by your hosting company. Really the only issue with this is that when your customers are on your secure pages they are not seeing your domain name but the server name.

The only reason that you need to have your secure files in a seperate folder is that your hosting company has set it up this way as osC will normally switch from secure to non-secure pages as needed when ssl is enabled without the need for seperate copies of your files.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

Im curious as to why you feel the need to have your catalog on SSL space? When the customer registers you only collect general stuff anayway, like name address and *maybe phone number / dob. If you are not collecting the latter then there is no need whatsoever for SSL on your web space, however, the minute you start with credit card numbers then SSL is required.

 

If you pass the customer to a 3rd pary site like barclays to pay by card, then they have (or should have) all the ssl security required, so no need for you to have it.

 

 

F5

Link to comment
Share on other sites

Im curious as to why you feel the need to have your catalog on SSL space? When the customer registers you only collect general stuff anayway, like name address and *maybe phone number / dob.

 

Yes, name, address, phone number, d.o.b, and e-mail address etc. Great information to have if you are data mining someone's website. Aye, you can even pick it up in transit, as it is sent over the not-so-secure medium of the internet - no need to hack into the site at all, and you can even pick up the non-encrypted password - with which you can now access their Account Area!

 

The message is - I would NEVER buy anything from a website that did not encrypt information I am giving them.

 

All good, and even some not-so-good, hosting companies provide a shared ssl for free - so use it. You are paying for it as part of your package. Even a full ssl can cost less than $50 a year.

 

Vger

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...