Simple steps to create HTTPS for your website


If you are collecting any sensitive information on your website (including email and password), you need to make sure the steps are safe. One of the best ways to do this is to create and activate HTTPS, also known as SSL (Secure Socket Layer), below article Taimienphi.vn will guide you through the steps to create HTTPS for a simple website.


Enabling HTTPS to ensure the information to and from the server is automatically encrypted. This is to prevent an attacker from stealing sensitive information from visitors while accessing the Internet.

It is safer for visitors to see a green lock icon when visiting your site, and they can understand that the site has been issued a security certificate. Steps to create HTTPS for the website Simple will help your website become safer, increase the number of visitors.

Simple steps to create HTTPS for your website

overview

The biggest advantage of SSL certificates is ease of installation. After completing the installation of SSL, your next task is to direct users to use HTTPS instead of HTTP. If trying to access the site by placing https: // Before the URL, you will get an error message immediately. The reason is because you have not installed an SSL certificate. The following article will guide you how to create a simple HTTPS website as well as how to install and activate an SSL certificate.

The steps to create HTTPS for the Website are very simple, including 5 steps:

1. Set up a private IP address for the server.
2. Purchase a certificate.
3. Activate the certificate.
4. Install the certificate.
5. Configure the website to use HTTPS.

Step 1: Set a private IP address for the server

To provide the best security, the certificate requires your site to have its own IP address. Many small web host packages add shared IP addresses, but many other websites use the same location. With a dedicated IP address, you can ensure traffic from IP addresses only to your website and not to other websites.

If you are looking for an affordable web host with a dedicated IP address you can choose StableHost. At the moment the StableHost package costs less than 6 USD / month, but the price will be cheaper if you pay always the 1 year package.

If you don’t have a dedicated IP address package, you can ask your current server to upgrade your account to get a dedicated IP address. Of course you will have to pay a fee, be it year or month by month.

Step 2: Buy a certificate

The next step you will need something to prove the website owner is you, just like your website certificate. To do this, you will have to create an SSL certificate.

A certificate is simply a piece of letters and numbers that only your website knows, which can be roughly interpreted as a long password. When your site visitors via HTTPS, the password will be checked and if matched, it will automatically verify the site owner is you, and it will encrypt everything, including traffic. visit on your website.

It is technically something you can create yourself (also known as a self-signed cert), but all popular web browsers are digitally certified (Certificate Authority – CA). ) check, and also have a long copy of the password and you can confirm. To be accredited by digital certificate vendors, you must purchase a certificate for your website. You can learn more Top 10 SSL certificate providers Best to choose a good certificate provider for your website.

GeoTrust QuickSSL is one of the best certificate providers, besides NameCheap, and a number of other certificate providers. At this point, GeoTrust QuickSSL certificates cost $ 46 per year, and comes with a website seal that you can put on your site so that users know it’s a trusted site.

Step 3: Activate the certificate

Note: Check if your web host activates the certificate itself. Activation of certificates can get complicated, if possible you should wait 1 to 2 days for them to perform the best.

If you manually activate the certificate, the next step you need to do is to create a CSR file. The easiest way to create a CSR file is to do it in your web hosting control panel, such as WHM or cPanel. Access the SSL / TLS admin section and select Generate an SSL certificate and Signing Request. Fill in the fields as shown below:

Creating cookies for donated website 2

In the “Host to make cert for“Enter your domain name, and the Contact email field can be left blank. After filling in the information, you will see a window like the following shown on the screen:

Creating cookies for donated website 3

Copy the first block of text. You need to use this CSR to provide an SSL certificate issuer so they can establish your identity for you. Log in to your NameCheap account or any account for which you purchased a certificate and activated that account.

Paste your CSR into the required frames. It will ask you for an approval email. This is an email address that proves you own the domain name, such as webmaster@domain.com . If the email does not exist, you must create an email to retrieve the email containing the final certificate. Follow the steps, and after you have completed the email address you will receive the file .crt.@ domain.com>

Step 4: Install the certificate

Note: Check if your web host has a certificate installed. Installing certificates can get complicated, if possible you should wait 1 to 2 days for them to perform best.

If you install the certificate yourself, the steps are simple. Once you have the certificate in hand, all you need to do is paste it into the web host control panel. If using WHM.Cpanel, from SSL / TLS menu Click on it Install an SSL Certificate.

Creating cookies for donated website 4

Paste it into the first box and click Submit. You can now try accessing your website through https://www.domain.com.

Step 5: Configure the site to use HTTPS

If visited your website has https: // placed before page URL, the page will load. This means that you have successfully installed SSL and activated the HTTPS protocol, but the problem is that your visitors are not protected. Your task is to ensure site visitors through HTTPS.

Note that HTTPS should only be used for E-commerce websites or sales websites, etc.If enabling HTTPS on websites where users do not log in with sensitive information, it will distract. charge encryption processing and slow down the experience. Identify target sites and follow one of the two methods below.

You can update all links to destination websites using HTTPS links. In other words, if there are links to your shopping cart on the homepage, update those links to use safe links. This links all pages pointing to sensitive URLs.

However, if you want to ensure users can only use specific pages securely no matter what links they have, it is best to use a server-side approach to redirect users not to HTTPS. .

To do this, insert a code snippet at the top of the security page. Here is one of the code snippets in PHP:

// Require https

if ($ _SERVER[‘HTTPS’] ! = “on”) {

$ url = “https: //”. $ _SERVER[‘SERVER_NAME’] . $ _SERVER[‘REQUEST_URI’];

header (“Location: $ url”);

exit;

}

Creating cookies for donated website 5

Another server-side approach is to use mod-rewrite. This does not require you to change any web page files, but will have to modify the apache configuration. Here is a mod-rewrite:

RewriteEngine On

RewriteCond% {HTTPS} off

RewriteRule ^ (cart / | checkout /) https: //% {HTTP_HOST}% {REQUEST_URI}

Creating cookies for donated website 6

This will ensure that if someone accesses the site via HTTP, they will automatically be redirected to HTTPS.

Tips

You need to understand that HTTPS does not mean that the information on the server is secure, it only protects the transfer of data from the visitor’s computer to your server. After sensitive data is transferred to your server, it will be protected by database encryption, etc.

Some users simply need to search for the keyword on the page, not the browser. After installing SSL, you can add a lock icon on your web pages so that they know it is a trusted site, in case if they don’t notice the URL bar.

https://thuthuat.taimienphi.vn/cac-buoc-tao-https-cho-website-don-gian-32232n.aspx
Above Taimienphi.vn has just guided you to create HTTPS for simple website. A safe and reliable website is a site with properly installed security certificates. By installing SSL certificates on your website, you can be sure your site visitors are less vulnerable. If HTTPS and SSL are not distinguishable, please refer to the article distinguish HTTP, HTTPS and SSL here.

.

Add a Comment

Your email address will not be published. Required fields are marked *