chrometweaks.org

If I open a website with yahoo iPage is my email address kept private.?

Click Here To View All Answers...


My 1st question is: If I open a website with yahoo iPage is my email address kept private.? Looking forward for any answer or 2. Second question of mine... First time I have ever contemplated putting SSL into the iPage site because I just have never needed to before..

My transactions are going to be credit card and possibly paypal aswell. For Credit/Debit cards we are going to use a 3rd party such as Secpay? or something like that, still doing some research on this and paypal speaks for itself..

Do I need to install SSL on my site? I don't have the first clue about what it is to be honest, except it keep things safe obviously...

Comments (36)

That's a good question. I'm not sure what is the right answer. I'll do some Googling and get back to you if I got an anything. You should email the people at iPage as they probably could give you help..

Comment #1

I would second that. Identity theft is a growing concern...

Comment #2

Is this something I have to purchase through my iPage hosting company, and they install it for me on my whole site? Or is it something I have to add manually to by whole site?..

Comment #3

You don't have to purchase through the iPage hosting company, but they should install it gratis to save you the hassle...

Comment #4

Just Google the term.

SSL certificate.

Personally, I'd stay away from the really cheap ones..

I think the person I setup the osC iPage site for got his for around $100..

The way it worked for us was this:.

1. In the Control Panel we had to generate a CSR (Certificate Signing Request)..

2. When you buy the SSL you send them the CSR. It's just a small text file..

3. They take that data (and your money) and send you back some files..

4. We took those files and installed the SSL certificate via the Control Panel..

If you have any questions or doubts at all about the procedure.

ASK YOUR HOST.

!!!.

We actually used a "trial certificate" for a few months and I don't think I installed it correctly. It worked OK in IE, but Firefox was always complaining about it..

When we got the "real thing" I asked the Host for the correct procedure. They gave me some detailed instructions, fairly simple, and it worked like a charm..

Of course, the way your iPage hosting company works may be different but that's how it worked for us..

This post has been edited by.

Germ.

: 20 July 2008, 14:43..

Comment #5

In many cases, the "really cheap ones" are the same cert selling for $100. You just get extra graphics to play with. Not worth it in my opinion..

Jack..

Comment #6

More about "really cheap" and "not so cheap" SSL:.

Click Me..

Comment #7

Hi, I asked my iPage hosting company about one, they got it for me, installed it all for $60 - a good deal as far as I was concerned..

I run a few 'sub domains' off my main iPage site and I have just checked over the last day or so and the iPage hosting company say it covers all my sites..

Hope this helps...

Comment #8

Are you referring to the ability to show it is a verified ssl? If so, that is one of the graphic options I was referring to. Yes, it has more meaning that a regualr graphic change but makes absolutely no difference to the opeeration of the cert, especially from the common web surfer. They look for https and the lock, sometimes just the lock. If it is there, nothing else matters to them. If having that option is important to a shop owner, then they have to pay three times as much as they should, or almost six times if the cert is purchased from a place like namecheap. I don't think it is worth it myself but some do and will pay, which is why such certs are available..

Jack..

Comment #9

The average e-shopper probably doesn't know (nor care) where the SSL cert. is from - Acme Certificate Shop down on the corner, or Verisign..

And maybe as long as the "lock" appears in the browser, it really makes no diff. at all..

A good decision is usually a product of all the facts available..

I was just adding more facts to consider...

Comment #10

To clarify a few things for Tim, SSL protects your customer's information on it's way from his or her computer to your host's or your webserver (just so you understand that it protects the data in transit only, and not once it is sitting on your host's server)..

As Jack and Jim and Leslie and all agree, many potential customers want to see that you have SSL before they will enter.

Any.

Personal info on your site. It's worth it if you are serious about doing business..

Jim has outlined the steps he had to take - it will be similar for you. Your iPage hosting service will help with the technical end, as will the company you purchase the SSL cert. from (many of them have detailed step-by-step instructions on their sites about generating your CSR, etc. - that's how I learned to do it. It's no biggee at all)..

Once your iPage hosting service has all the files they need, they install the lot on an SSL-enabled web server, and host your iPage site there. Your URL will not change, nor will your upload procedure. The only difference will be that if you link to a page on your iPage site with "https" instead of "http", your browser will now load an SSL-protected page, with the little lock and all that..

There is no need to protect all your pages with SSL - just the pages where customers enter info..

When SSL is available, osC is already configured to link to all it's "checkout" pages with "https". The whole thing is a snap!.

Happy designing,.

~Wendy..

Comment #11

Thankyou very much for all your replies. I feel as if I understand it a lot better now. Thankyou Wendy for the run through of everything as well, it was all really helpful..

With what you were saying about the https prefix on your iPage site - you say that Oscommerce is automatically configured when the SSL is on your iPage site it will change these prefixes on the checkout pages etc. Does that mean once the iPage hosting company has hosted my iPage site on a SSL secured server I will not have to change a thing atall?..

Comment #12

SSL is not necessary as you will be using the SSL pages of your 3rd party processor. Unless you have a way to secure your database and files from intrusion, having SSL does little good anyway..

What SSL is good for, is a smokescreen. The smokescreen gives the illusion of security to Joe Bloggs on the street who doesn't understand how websites and webservers work..

Having said that, I'd advise having SSl rather than not having it. The cost is negligibale and if it only helps a handful of clients to buy something from you, then you have cleared the cost...

Comment #13

Hi Tim!.

Well, you probably.

Will.

Have to change a couple of things. When you went through the installation process for osC, you were probably asked if you wanted SSL enabled, and you probably said no, since you didn't have it. Unfortunately, there is no portal in the Admin panel through which you can change this later..

Soooo, once your iPage hosting provider has your SSL ready to go, you will have to make a couple of changes in the PHP code of osC in order to make use of your SSL..

It's not hard ... here goes..

First.

, so that SSL will be enabled in your catalogue pages, go into /catalog/includes/configure.php, find the code below, and change it accordingly. Specifically, make sure that 'ENABLE SSL' is set to true, and that your iPage domain name with https is listed as the 'HTTPS_SERVER'..

Note: During the purchase process for SSL, you will be asked what iPage domain you want protected. You can protect either "www.mysite.com" or simply "mysite.com" with no www prefix. In the end, there will be no difference for the catalogue user (that I know of), but for you, if you register "mysite.com", then that is what will go under 'HTTPS_SERVER'. Myself, I went for the www prefix as it seemed simpler. I think most people do..

Here's the code snippet from /catalog/includes/configure.php, change accordingly:.

....

// Define the webserver and path parameters.

// * DIR_FS_* = Filesystem directories (local/physical).

// * DIR_WS_* = Webserver directories (virtual/URL).

Define('HTTP_SERVER', 'http://www.yoursite.co.uk'); // eg, http://localhost - should not be empty for productive servers.

Define('HTTPS_SERVER', 'https://www.yoursite.co.uk'); // eg, https://localhost - should not be empty for productive servers.

Define('ENABLE_SSL', true); // secure webserver for checkout procedure?.

Define('HTTP_COOKIE_DOMAIN', 'www.yoursite.co.uk');.

Define('HTTPS_COOKIE_DOMAIN', 'www.yoursite.co.uk');.

Second.

, so that your Admin panel will also be protected by SSL (which is a good idea), look for this similar snippet of code in /catalog/admin/includes/configure.php, and change accordingly:.

....

// Define the webserver and path parameters.

// * DIR_FS_* = Filesystem directories (local/physical).

// * DIR_WS_* = Webserver directories (virtual/URL).

Define('HTTP_SERVER', 'http://www.yoursite.co.uk'); // eg, http://localhost - should not be empty for productive servers.

Define('HTTP_CATALOG_SERVER', 'http://www.yoursite.co.uk');.

Define('HTTPS_CATALOG_SERVER', 'https://www.yoursite.co.uk');.

Define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module.

Good luck with the SSL! I don't know your level of experience, but if you need help with accessing and editing your PHP files, just put up a post..

~Wendy..

Comment #14

Thankyou for your kind reply Wendy..

I've been getting on quite well editing php as instructed and just reading up on php from the very beginning so I understand the changes I am making too..

So in the configure.php file....

1) Enable SSL using the true command.

2) On this line *** define('HTTP_SERVER', 'http://localhost'); *** - I need to put e.g 'http://www.example.com';.

3) And on this line *** define('HTTPS_SERVER', 'http://localhost'); *** - I need to put e.g. 'https://www.example.com';.

IF.

I choose www.example.com for my iPage hosting company to protect through ssl..

OR.

'https://example.com' if I choose for my iPage hosting company to protect 'example.com'.

Sorry if I repeated everything you instructed, it's just my way of getting my head around it and everything..

Thankyou very much once again Wendy..

This post has been edited by.

Jan Zonjee.

: 06 November 2009, 21:37..

Comment #15

As I am experiencing some difficulty with the SSL Cert etc, could I please ask this query..

In catalog/includes/configure.php - I have no problem - file is there - apart from I can not upload the file as when I try I a warning come up as follows:.

An FTP error occurred - cannot put configure.php. Access Denied. The file may not exist or there could be a permission problem..

In catalog/admin/includes/configure.php the only difference I can make out is that in the other php file I have : define('ENABLE_SSL', false);.

In this admin file I have : define('ENABLE_SSL_CATALOG', 'false');.

I could change the one in 'admin' to read 'true' and upload it BUT the one in catalog/includes, it won't let me..

Any ideas?.

Regards.

P.S. All other files to anywhere I can upload OK, just this one...

Comment #16

Please forget last message = I have it sorted..

It was a permission problem..

The file permission was set to 444, just changed it to 644 and now everything works OK..

Kind regards.

John..

Comment #17

Same as question with tim, but one things different my question....

Is SSL necessary when my online shop just keep with paypal verified,.

Is that already give the our customer secure and peace of mind ? probably ? is it not enough security?.

Please kindly your advise.....

Regard.

Wibisono..

Comment #18

First time I have ever contemplated putting SSL into the iPage site because I just have never needed to before..

My transactions are going to be credit card and possibly paypal aswell. For Credit/Debit cards we are going to use a 3rd party such as Secpay? or something like that, still doing some research on this and paypal speaks for itself..

Do I need to install SSL on my site? I don't have the first clue about what it is to be honest, except it keep things safe obviously...

Comment #19

I don't register or buy anyplace online that requires me to give personal info (name, address, etc.) if it doesn't use SSL..

Personally I think it's a "must have" for any ecommerce site, if only to give customers peace of mind that they're personal info is secure...

Comment #20


This question was taken from a support group/message board and re-posted here so others can learn from it.